Improper input validation in 4homepages 4images

CVE-2012-1023

Open redirect vulnerability in admin/index.php in 4images 1.7.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.020 (78.3th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References