2 matches found
CVE-2024-6548
The Add Admin JavaScript plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full path...
Piwigo Cross-Site Scripting Vulnerability (CNVD-2017-00119)
Piwigo is a web-based photo album software from the Piwigo team. The software supports photo publishing, management, multiple browsing options categories, tags, time and more. A cross-site scripting vulnerability exists in the admin/plugin.php file in Piwigo 2.8.3 and prior versions. A remote...