Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
piwigo piwigo 2.9.5 vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2020-19212
SQL Injection vulnerability in admin/group_list.php in piwigo v2.9.5, via the group parameter to delete.
Piwigo Piwigo 2.9.5
668
VMScore
CVE-2020-19213
SQL Injection vulnerability in cat_move.php in piwigo v2.9.5, via the selection parameter to move_categories.
Piwigo Piwigo 2.9.5
578
VMScore
CVE-2020-19217
SQL Injection vulnerability in admin/batch_manager.php in piwigo v2.9.5, via the filter_category parameter to admin.php?page=batch_manager.
Piwigo Piwigo 2.9.5
609
VMScore
CVE-2019-13363
admin.php?page=notification_by_mail in Piwigo 2.9.5 has XSS via the nbm_send_html_mail, nbm_send_mail_as, nbm_send_detailed_content, nbm_complementary_mail_content, nbm_send&am...
Piwigo Piwigo 2.9.5
609
VMScore
CVE-2019-13364
admin.php?page=account_billing in Piwigo 2.9.5 has XSS via the vat_number, billing_name, company, or billing_address parameter. This is exploitable via CSRF.
Piwigo Piwigo 2.9.5
578
VMScore
CVE-2020-19215
SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=user_perm.
Piwigo Piwigo 2.9.5
578
VMScore
CVE-2020-19216
SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=group_perm.
Piwigo Piwigo 2.9.5
NA
CVE-2019-1336309
Piwigo version 2.9.5 suffers from cross site request forgery and cross site scripting vulnerabilities.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started