Student-Management-System 代码注入漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. Versions of Student-Management-System 1a938fa61e9f735078e9b291d2e6215b4942af3f and earlier have a code injection vulnerability. This vulnerability stems from incorrect handling of the...

EUVD-2021-27850

Malicious code in bioql PyPI...

Piwigo Security Breach

Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. A security vulnerability exists in versions prior to Piwigo v.14.2.0, which allows remote attackers to elevate privileges through the...

CVE-2021-40313

CVE-2021-40313 affects Piwigo v11.5, with a SQL injection vulnerability in the pwg_token parameter of /admin/batch_manager_global.php. The issue is caused by insufficient escaping/ filtering, as reported across sources (NVD entry and Red Hat/CVE references). Impact is described as SQL injection w...

Piwigo SQL注入漏洞

Piwigo is a set of Web-based open source image library software. Piwigo v11.5 contains a security vulnerability in /admin/batchmanagerglobal.php in which the parameter pwgtoken is not sufficiently escaped and filtered. No details of the vulnerability are available at this time...

MetInfo Cross-Site Request Forgery Vulnerability (CNVD-2018-11843)

MetInfo is a content management system CMS developed using PHP and Mysql by China Mito Information Technology Ltd. A cross-site request forgery vulnerability exists in the admin/app/batch/csvup.php file in MetInfo version 6.0.0. A remote attacker can exploit this vulnerability with the help of a...

CVE-2018-12530

An issue was discovered in MetInfo 6.0.0. admin/app/batch/csvup.php allows remote attackers to delete arbitrary files via a flienamecsv=../ directory traversal. This can be exploited via CSRF...

Piwigo File Containment Vulnerability

Piwigo is a web-based photo album software from the Piwigo team. The software supports photo publishing, management, multiple browsing options categories, tags, time and more. A security vulnerability exists in the admin/batchmanager.php file in Piwigo 2.8.3 and earlier versions. A remote attacke...