butterflymedia

Top products

The 8 most recently published vulnerabilities affecting butterflymedia.

• CVE-2025-5842Modern Design Library <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via class Parameter6.4Jun 26, 2025
• CVE-2024-9776ImagePress - Image Gallery <= 1.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings4.4Oct 12, 2024
• CVE-2024-9824ImagePress - Image Gallery <= 1.2.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Post Title Update4.3Oct 12, 2024
• CVE-2024-9778ImagePress – Image Gallery <= 1.2.2 - Cross-Site Request Forgery to Plugin Settings Update4.3Oct 12, 2024
• CVE-2008-7181Butterfly Organizer 2.0.0 allows remote attackers to (1) delete arbitrary categories via a modified tablehere parameter to category-delete.php with the is_js_confirmed parameter set to 1, or (2) de...7.5Sep 8, 2009
• CVE-2008-6700Multiple cross-site scripting (XSS) vulnerabilities in Butterfly Organizer 2.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) mytable parameter to view.php, (2) mytable...4.3Apr 10, 2009
• CVE-2008-6328SQL injection vulnerability in view.php in Butterfly Organizer 2.0.0 and 2.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.7.5Feb 27, 2009
• CVE-2008-6311SQL injection vulnerability in view.php in Butterfly Organizer 2.0.1 allows remote attackers to execute arbitrary SQL commands via the mytable parameter. NOTE: the id vector is covered by another ...7.5Feb 27, 2009