cbcvebase.

Tenfourzero Shutter vulnerabilities

5 known vulnerabilities affecting tenfourzero/shutter.

Total CVEs
5
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2016-10081P3HIGHCVSS 7.8PoC≥ 0, < 0.93.1-1.32016-12-29
CVE-2016-10081 [HIGH] CVE-2016-10081: /usr/bin/shutter in Shutter through 0 /usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action.
osv
CVE-2009-1650P3HIGHCVSS 7.5PoCv0.1.12009-05-16
CVE-2009-1650 [HIGH] CWE-89 CVE-2009-1650: Multiple SQL injection vulnerabilities in photos.php in Shutter 0.1.1 allow remote attackers to exec Multiple SQL injection vulnerabilities in photos.php in Shutter 0.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) albumID, (2) tagID, and (3) photoID parameters to index.html.
nvd
CVE-2015-0854P3HIGHCVSS 7.8≥ 0, < 0.93.1-12016-12-29
CVE-2015-0854 [HIGH] CVE-2015-0854: App/HelperFunctions App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action.
osv
CVE-2014-3904P3HIGHCVSS 7.5v0.1.42014-08-17
CVE-2014-3904 [HIGH] CWE-89 CVE-2014-3904: SQL injection vulnerability in lib/admin.php in tenfourzero Shutter 0.1.4 allows remote attackers to SQL injection vulnerability in lib/admin.php in tenfourzero Shutter 0.1.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
nvd
CVE-2014-3905P4MEDIUMCVSS 4.3v0.1.42014-08-17
CVE-2014-3905 [MEDIUM] CWE-79 CVE-2014-3905: Cross-site scripting (XSS) vulnerability in tenfourzero Shutter 0.1.4 allows remote attackers to inj Cross-site scripting (XSS) vulnerability in tenfourzero Shutter 0.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
Tenfourzero Shutter vulnerabilities | cvebase