Advanced Image Hosting Script

CVEs (4)

CVE	Risk	CVSS	EPSS	Published	Description
CVE-2012-6039	0.03	—	0.01	Nov 26, 2012	SQL injection vulnerability in view_comments.php in YABSoft Advanced Image Hosting (AIH) Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter.
CVE-2009-4266	0.03	—	0.01	Dec 10, 2009	Cross-site scripting (XSS) vulnerability in search.php in YABSoft Advanced Image Hosting (AIH) Script 2.2, and possibly 2.3, allows remote attackers to inject arbitrary web script or HTML via the text parameter.
CVE-2009-1032	0.03	—	0.01	Mar 20, 2009	SQL injection vulnerability in gallery_list.php in YABSoft Advanced Image Hosting (AIH) Script 2.3 allows remote attackers to execute arbitrary SQL commands via the gal parameter.
CVE-2008-2536	0.03	—	0.00	Jun 3, 2008	SQL injection vulnerability in out.php in YABSoft Advanced Image Hosting (AIH) Script 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the t parameter.

CVE-2012-6039Nov 26, 2012
risk 0.03cvss —epss 0.01
SQL injection vulnerability in view_comments.php in YABSoft Advanced Image Hosting (AIH) Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter.
CVE-2009-4266Dec 10, 2009
risk 0.03cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in search.php in YABSoft Advanced Image Hosting (AIH) Script 2.2, and possibly 2.3, allows remote attackers to inject arbitrary web script or HTML via the text parameter.
CVE-2009-1032Mar 20, 2009
risk 0.03cvss —epss 0.01
SQL injection vulnerability in gallery_list.php in YABSoft Advanced Image Hosting (AIH) Script 2.3 allows remote attackers to execute arbitrary SQL commands via the gal parameter.
CVE-2008-2536Jun 3, 2008
risk 0.03cvss —epss 0.00
SQL injection vulnerability in out.php in YABSoft Advanced Image Hosting (AIH) Script 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the t parameter.