Vulnerabilities (CVE)

Filtered by vendor Kdpics Subscribe

Filtered by product Kdpics

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2006-6516	1 Kdpics	1 Kdpics	2025-04-09	7.5 HIGH	N/A
Multiple PHP remote file inclusion vulnerabilities in KDPics 1.16 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) page parameter to (a) index.php3, or the (2) lib_path parameter to (b) authenticate.inc.php3 or (c) lib/exifer/exif.php.
CVE-2006-6517	1 Kdpics	1 Kdpics	2025-04-09	6.8 MEDIUM	N/A
Multiple cross-site scripting (XSS) vulnerabilities in KDPics 1.16 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) categories parameter to (a) index.php3 or (b) galeries.inc.php3.