CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-12 05:11:38 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
9822fb37735000bda8766c00a6155fb6da059fd1
CVEs-PoC/2014/CVE-2014-3123.md
T
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

803 B
Raw Blame History

CVE-2014-3123

Description

Cross-site scripting (XSS) vulnerability in admin/manage-images.php in the NextCellent Gallery plugin before 1.19.18 for WordPress allows remote authenticated users with the NextGEN Upload images, NextGEN Manage gallery, or NextGEN Manage others gallery permission to inject arbitrary web script or HTML via the "Alt & Title Text" field.

POC

Reference

No PoCs from references.

Github

Reference in New Issue View Git Blame Copy Permalink