3 matches found
CVE-2015-2034
Cross-site scripting XSS vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the page parameter to admin.php...
CVE-2015-2034
Cross-site scripting XSS vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the page parameter to admin.php...
CVE-2015-2034
Affected software: Piwigo (PHP photo gallery script). Vulnerability: Cross-site scripting (XSS) in the administrative backend. Component/entry point: admin.php via the page parameter. Versions affected: Piwigo before 2.7.4. Root cause/impact: Allows remote attackers to inject arbitrary web script...