29 matches found
EUVD-2020-11124
Malware in sbrugna...
EUVD-2017-8976
Malware in sbrugna...
EUVD-2017-8975
Malware in sbrugna...
EUVD-2021-27850
Malicious code in bioql PyPI...
CVE-2021-40678
In Piwigo 11.5.0, there exists a persistent cross-site scripting in the single mode function through /admin.php?page=batchmanager&mode=unit...
CVE-2021-40678
CVE-2021-40678 concerns Piwigo 11.5.0, where a persistent cross-site scripting (XSS) vulnerability exists in the single mode function via the URL path /admin.php?page=batch_manager&mode=unit. The connected documents consistently describe it as a client-side JavaScript execution risk reachable thr...
CVE-2020-19217
SQL Injection vulnerability in admin/batchmanager.php in piwigo v2.9.5, via the filtercategory parameter to admin.php?page=batchmanager...
Sql injection
Piwigo v11.5 was discovered to contain a SQL injection vulnerability via the parameter pwgtoken in /admin/batchmanagerglobal.php...
CVE-2021-40313
CVE-2021-40313 affects Piwigo v11.5, with a SQL injection vulnerability in the pwg_token parameter of /admin/batch_manager_global.php. The issue is caused by insufficient escaping/ filtering, as reported across sources (NVD entry and Red Hat/CVE references). Impact is described as SQL injection w...
Honeywell C200E Controller Module
Binary data 764873.prm...
Piwigo Batch Manager Component SQL Injection Vulnerability
Piwigo is a web-based photo album software from Piwigo team. The software supports photo publishing, management, multiple browsing category, tag, time, etc. Batch Manager component is one of the manager components. A SQL injection vulnerability exists in the Batch Manager component in Piwigo...
Piwigo Batch Manager Component Cross-Site Scripting Vulnerability
Piwigo is a web-based photo album software from Piwigo team. The software supports photo publishing, management, multiple browsing category, tag, time, etc. Batch Manager component is one of the manager components. A cross-site scripting vulnerability exists in the Batch Manager component in Piwi...
CVE-2017-17825
The Batch Manager component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via tags- array parameters in an admin.php?page=batchmanager&mode=unit request. An attacker can exploit this to hijack a client's browser along with the data stored in it...
Sql injection
The Batch Manager component of Piwigo 2.9.2 is vulnerable to SQL Injection via the admin/batchmanagerunit.php elementids parameter in unit mode. An attacker can exploit this to gain access to the data in a connected MySQL database...
Cross site scripting
The Batch Manager component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via tags- array parameters in an admin.php?page=batchmanager&mode=unit request. An attacker can exploit this to hijack a client's browser along with the data stored in it...
CVE-2017-17825
The Batch Manager component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via tags- array parameters in an admin.php?page=batchmanager&mode=unit request. An attacker can exploit this to hijack a client's browser along with the data stored in it...
CVE-2017-17824
The Batch Manager component of Piwigo 2.9.2 is vulnerable to SQL Injection via the admin/batchmanagerunit.php elementids parameter in unit mode. An attacker can exploit this to gain access to the data in a connected MySQL database...
CVE-2017-17824
The Batch Manager component of Piwigo 2.9.2 is vulnerable to SQL Injection via the admin/batchmanagerunit.php elementids parameter in unit mode. An attacker can exploit this to gain access to the data in a connected MySQL database...
CVE-2017-17824
The Batch Manager component of Piwigo 2.9.2 is vulnerable to SQL Injection via the admin/batchmanagerunit.php elementids parameter in unit mode. An attacker can exploit this to gain access to the data in a connected MySQL database...
CVE-2017-17825
The Batch Manager component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via tags- array parameters in an admin.php?page=batchmanager&mode=unit request. An attacker can exploit this to hijack a client's browser along with the data stored in it...