CVE-2014-9236

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2014-9236

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2014-9236.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2014-9236

Downstream

DEBIAN-CVE-2014-9236

UBUNTU-CVE-2014-9236

Published

2014-12-03T21:59:06Z

Modified

2026-04-10T03:44:48.238969Z

Summary

[none]

Details

Cross-site scripting (XSS) vulnerability in php/editphotos.php in Zoph (aka Zoph Organizes Photos) 0.9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) photographerid or (2) _crumb parameter.

References

http://packetstormsecurity.com/files/129141/Zoph-0.9.1-Cross-Site-Scripting-SQL-Injection.html
http://seclists.org/fulldisclosure/2014/Nov/45

CVE-2014-9236

Affected packages