Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
piwigo vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-26266
Piwigo v12.2.0 exists to contain a SQL injection vulnerability via pwg.users.php.
Piwigo Piwigo 12.2.0
7.5
CVSSv3
CVE-2022-26267
Piwigo v12.2.0 exists to contain an information leak via the action parameter in /admin/maintenance_actions.php.
Piwigo Piwigo 12.2.0
8.8
CVSSv3
CVE-2020-19215
SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=user_perm.
Piwigo Piwigo 2.9.5
8.8
CVSSv3
CVE-2020-19216
SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=group_perm.
Piwigo Piwigo 2.9.5
8.8
CVSSv3
CVE-2017-17774
admin/configuration.php in Piwigo 2.9.2 has CSRF.
Piwigo Piwigo 2.9.2
6.1
CVSSv3
CVE-2017-17775
Piwigo 2.9.2 has XSS via the name parameter in an admin.php?page=album-3-properties request.
Piwigo Piwigo 2.9.2
9.8
CVSSv3
CVE-2014-125053
A vulnerability was found in Piwigo-Guest-Book up to 1.3.0. It has been declared as critical. This vulnerability affects unknown code of the file include/guestbook.inc.php of the component Navigation Bar. The manipulation of the argument start leads to sql injection. Upgrading to...
Piwigo Guestbook
7.8
CVSSv3
CVE-2014-8938
Lexiglot through 2014-11-20 allows local users to obtain sensitive information by listing a process because the username and password are on the command line.
Piwigo Lexiglot
5.4
CVSSv3
CVE-2014-8944
Lexiglot through 2014-11-20 allows XSS (Reflected) via the username, or XSS (Stored) via the admin.php?page=config install_name, intro_message, or new_file_content parameter.
Piwigo Lexiglot
7.5
CVSSv3
CVE-2014-8937
Lexiglot through 2014-11-20 allows denial of service because api/update.php launches svn update operations that use a great deal of resources.
Piwigo Lexiglot
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »