9 matches found
CVE-2013-1469
Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbitrary files via a .. dot dot in the dl parameter...
CVE-2013-1469
Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbitrary files via a .. dot dot in the dl parameter...
CVE-2013-1469
CVE-2013-1469 affects Piwigo where install.php uses the dl parameter, allowing directory traversal to read and delete arbitrary files. The vulnerability is described as a directory traversal issue in Piwigo versions prior to 2.4.7. Connected advisories and scans corroborate that this is a file-ac...
Multiple Vulnerabilities in Piwigo
Advisory ID: HTB23144 Product: Piwigo Vendor: Piwigo project Vulnerable Versions: 2.4.6 and probably prior Tested Version: 2.4.6 Vendor Notification: February 6, 2013 Vendor Patch: February 19, 2013 Public Disclosure: February 27, 2013 Vulnerability Type: Cross-Site Request Forgery CWE-352, Path...
Piwigo 2.4.6 - Multiple Vulnerabilities
Piwigo 2.4.6 - Multiple Vulnerabilities Advisory ID: HTB23144 Product: Piwigo Vendor: Piwigo project Vulnerable Versions: 2.4.6 and probably prior Tested Version: 2.4.6 Vendor Notification: February 6, 2013 Vendor Patch: February 19, 2013 Public Disclosure: February 27, 2013 Vulnerability Type:...
Piwigo 2.4.6 - Multiple Vulnerabilities
Advisory ID: HTB23144 Product: Piwigo Vendor: Piwigo project Vulnerable Versions: 2.4.6 and probably prior Tested Version: 2.4.6 Vendor Notification: February 6, 2013 Vendor Patch: February 19, 2013 Public Disclosure: February 27, 2013 Vulnerability Type: Cross-Site Request Forgery CWE-352, Path...
Piwigo 2.4.6 - Multiple Vulnerabilities
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Piwigo, which can be exploited to perform Сross-Site Request Forgery and Path Traversal attacks. Advisory Details: High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Piwigo, whic...
Piwigo 2.4.6 Cross Site Request Forgery / Traversal Vulnerabilities
Piwigo version 2.4.5 suffers from cross site request forgery and path traversal vulnerabilities. Product: Piwigo Vendor: Piwigo project Vulnerable Versions: 2.4.6 and probably prior Tested Version: 2.4.6 Vendor Notification: February 6, 2013 Vendor Patch: February 19, 2013 Public Disclosure:...
Piwigo 2.4.6 Cross Site Request Forgery / Traversal
Advisory ID: HTB23144 Product: Piwigo Vendor: Piwigo project Vulnerable Versions: 2.4.6 and probably prior Tested Version: 2.4.6 Vendor Notification: February 6, 2013 Vendor Patch: February 19, 2013 Public Disclosure: February 27, 2013 Vulnerability Type: Cross-Site Request Forgery CWE-352, Path...