Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-19437

Malware in sbrugna...

5.4CVSS6AI score0.00556EPSS
Exploits1References2
Prion
Prion
added 2018/03/06 5:29 p.m.18 views

Cross site request forgery (csrf)

The management panel in Piwigo 2.9.3 has stored XSS via the name parameter in a /admin.php?page=photo-$photonumber request. CSRF exploitation, related to CVE-2017-10681, may be possible...

3.5CVSS5.4AI score0.01208EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2018/03/06 5:29 p.m.19 views

CVE-2018-7724

The management panel in Piwigo 2.9.3 has stored XSS via the name parameter in a /admin.php?page=photo-$photonumber request. CSRF exploitation, related to CVE-2017-10681, may be possible...

5.4CVSS5.5AI score0.00285EPSS
Exploits1References1
Prion
Prion
added 2018/03/06 5:29 p.m.20 views

Cross site request forgery (csrf)

The management panel in Piwigo 2.9.3 has stored XSS via the name parameter in a /ws.php?format=json request. CSRF exploitation, related to CVE-2017-10681, may be possible...

3.5CVSS5.4AI score0.01208EPSS
Exploits2References1Affected Software1
Prion
Prion
added 2018/03/06 5:29 p.m.12 views

Design/Logic Flaw

The management panel in Piwigo 2.9.3 has stored XSS via the virtualname parameter in a /admin.php?page=catlist request, a different issue than CVE-2017-9836. CSRF exploitation, related to CVE-2017-10681, may be possible...

3.5CVSS5.2AI score0.01208EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2018/03/06 5:0 p.m.19 views

CVE-2018-7724

The management panel in Piwigo 2.9.3 has stored XSS via the name parameter in a /admin.php?page=photo-$photonumber request. CSRF exploitation, related to CVE-2017-10681, may be possible...

5.5AI score0.00285EPSS
Exploits1References1
NVD
NVD
added 2017/06/29 9:29 p.m.24 views

CVE-2017-10681

Cross-site request forgery CSRF vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to unlock albums via a crafted request...

8.8CVSS6AI score0.01208EPSS
Exploits1References3
OSV
OSV
added 2017/06/29 9:29 p.m.14 views

CVE-2017-10681

Cross-site request forgery CSRF vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to unlock albums via a crafted request...

8.8CVSS7.2AI score
Exploits0References3
CVE
CVE
added 2017/06/29 9:0 p.m.55 views

CVE-2017-10681

CVE-2017-10681 is a CSRF vulnerability in Piwigo up to 2.9.1 that could allow hijacking user authentication for album-unlock actions. Connected records reference CVE-2017-10681 as related to broader issues in Piwigo 2.9.3 (e.g., stored XSS via admin endpoints) and state that CSRF exploitation rel...

8.8CVSS6.2AI score0.01208EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder