Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
piwigo vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2018-7724
The management panel in Piwigo 2.9.3 has stored XSS via the name parameter in a /admin.php?page=photo-${photo_number} request. CSRF exploitation, related to CVE-2017-10681, may be possible.
Piwigo Piwigo 2.9.3
NA
CVE-2023-33359
Piwigo 13.6.0 is vulnerable to Cross Site Request Forgery (CSRF) in the "add tags" function.
Piwigo Piwigo 13.6.0
NA
CVE-2023-33362
Piwigo 13.6.0 is vulnerable to SQL Injection via in the "profile" function.
Piwigo Piwigo 13.6.0
445
VMScore
CVE-2011-3790
Piwigo 2.1.5 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tools/metadata.php and certain other files.
Piwigo Piwigo 2.1.5
383
VMScore
CVE-2020-22148
A stored cross site scripting (XSS) vulnerability in /admin.php?page=tags of Piwigo 2.10.1 allows malicious users to execute arbitrary web scripts or HTML.
Piwigo Piwigo 2.10.1
312
VMScore
CVE-2020-9467
Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function.
Piwigo Piwigo 2.10.1
NA
CVE-2023-33361
Piwigo 13.6.0 is vulnerable to SQL Injection via /admin/permalinks.php.
Piwigo Piwigo 13.6.0
312
VMScore
CVE-2020-8089
Piwigo 2.10.1 is affected by stored XSS via the Group Name Field to the group_list page.
Piwigo Piwigo 2.10.1
445
VMScore
CVE-2022-26267
Piwigo v12.2.0 exists to contain an information leak via the action parameter in /admin/maintenance_actions.php.
Piwigo Piwigo 12.2.0
578
VMScore
CVE-2021-40317
Piwigo 11.5.0 is affected by a SQL injection vulnerability via admin.php and the id parameter.
Piwigo Piwigo 11.5.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »