Lucene search
Facetag Security Vulnerabilities
cve
ws.php in the Facetag extension 0.0.3 for Piwigo allows SQL injection via the imageId parameter in a facetag.changeTag or facetag.listTags...
9.8CVSS
9.8AI Score
0.031EPSS
2018-02-26 04:29 AM
21
cve
The Facetag extension 0.0.3 for Piwigo allows XSS via the name parameter to ws.php in a facetag.changeTag...
6.1CVSS
5.9AI Score
0.003EPSS
2018-02-26 04:29 AM
19