CVE-2016-10508

Published August 31st, 2017

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

Multiple cross-site scripting (XSS) vulnerabilities in phpThumb() before 1.7.14 allow remote attackers to inject arbitrary web script or HTML via parameters in demo/phpThumb.demo.showpic.php.

JamesHeinrich/phpThumb

phpThumb() - The PHP thumbnail generator

GitHub

317