2 matches found
Piwigo Cross-Site Request Forgery Vulnerability (CNVD-2017-13999)
Piwigo is a web-based photo album software from the Piwigo team. The software supports photo publishing, management, multiple browsing options categories, tags, time and more. A cross-site request forgery vulnerability exists in Piwigo 2.9.1 and earlier versions. A remote attacker can exploit thi...
CVE-2017-10681
Cross-site request forgery CSRF vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to unlock albums via a crafted request...