CVE-2012-1023

Name of the Vulnerable Software and Affected Versions 4images version 1.7.10

Description The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter. This can be exploited by including a malicious URL in the redirect parameter, potentially leading to phishing attacks.

Recommendations For version 1.7.10, update to a newer version that contains a fix for this issue, or as a temporary workaround, consider validating and sanitizing the redirect parameter in the admin/index.php file to prevent redirects to arbitrary web sites.