Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
piwigo piwigo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34626
Piwigo 13.7.0 is vulnerable to SQL Injection via the "Users" function.
Piwigo Piwigo
383
VMScore
CVE-2021-45357
Cross Site Scripting (XSS) vulnerability exists in Piwigo 12.x via the pwg_activity function in include/functions.inc.php.
Piwigo Piwigo
454
VMScore
CVE-2022-32297
Piwigo v12.2.0 exists to contain SQL injection vulnerability via the Search function.
Piwigo Piwigo
383
VMScore
CVE-2016-10513
Cross Site Scripting (XSS) exists in Piwigo prior to 2.8.3 via a crafted search expression to include/functions_search.inc.php.
Piwigo Piwigo
383
VMScore
CVE-2016-10514
url_check_format in include/functions.inc.php in Piwigo prior to 2.8.3 allows remote malicious users to bypass intended access restrictions via a URL that contains a " character, or a URL beginning with a substring other than the http:// or https:// substring.
Piwigo Piwigo
578
VMScore
CVE-2020-19216
SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=group_perm.
Piwigo Piwigo 2.9.5
383
VMScore
CVE-2020-22148
A stored cross site scripting (XSS) vulnerability in /admin.php?page=tags of Piwigo 2.10.1 allows malicious users to execute arbitrary web scripts or HTML.
Piwigo Piwigo 2.10.1
383
VMScore
CVE-2020-22150
A cross site scripting (XSS) vulnerability in /admin.php?page=permalinks of Piwigo 2.10.1 allows malicious users to execute arbitrary web scripts or HTML.
Piwigo Piwigo 2.10.1
578
VMScore
CVE-2022-26266
Piwigo v12.2.0 exists to contain a SQL injection vulnerability via pwg.users.php.
Piwigo Piwigo 12.2.0
NA
CVE-2022-48007
A stored cross-site scripting (XSS) vulnerability in identification.php of Piwigo v13.4.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the User-Agent.
Piwigo Piwigo 13.4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »