6 matches found
piwigo 2.3.3 - Multiple Vulnerabilities
No description provided by source. Advisory ID: HTB23085 Product: Piwigo Vendor: Piwigo project Vulnerable Versions: 2.3.3 and probably prior Tested Version: 2.3.3 Vendor Notification: 4 April 2012 Vendor Patch: 8 April 2012 Public Disclosure: 25 April 2012 Vulnerability Type: Directory Path...
CVE-2012-2208
Directory traversal vulnerability in upgrade.php in Piwigo before 2.3.4 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter...
Multiple vulnerabilities in Piwigo
Advisory ID: HTB23085 Product: Piwigo Vendor: Piwigo project Vulnerable Versions: 2.3.3 and probably prior Tested Version: 2.3.3 Vendor Notification: 4 April 2012 Vendor Patch: 8 April 2012 Public Disclosure: 25 April 2012 Vulnerability Type: Directory Path Traversal, Cross-Site Scripting XSS CVE...
Piwigo 2.3.3 Multiple Vulnerabilities
Exploit for php platform in category web applications Product: Piwigo Vendor: Piwigo project Vulnerable Versions: 2.3.3 and probably prior Tested Version: 2.3.3 Vendor Notification: 4 April 2012 Vendor Patch: 8 April 2012 Public Disclosure: 25 April 2012 Vulnerability Type: Directory Path...
Piwigo 2.3.3 Cross Site Scripting / Directory Traversal
Advisory ID: HTB23085 Product: Piwigo Vendor: Piwigo project Vulnerable Versions: 2.3.3 and probably prior Tested Version: 2.3.3 Vendor Notification: 4 April 2012 Vendor Patch: 8 April 2012 Public Disclosure: 25 April 2012 Vulnerability Type: Directory Path Traversal, Cross-Site Scripting XSS CVE...
Multiple vulnerabilities in Piwigo
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Piwigo, which can be exploited to perform Cross-Site Scripting XSS and Path Traversal attacks. 1 Directory Path Traversal in Piwigo: CVE-2012-2208 1.1 Input passed via the "language" GET parameter to upgrade.php ...