Lucene search
+L

4 matches found

NVD
NVD
added 2019/09/13 1:15 p.m.26 views

CVE-2019-13363

admin.php?page=notificationbymail in Piwigo 2.9.5 has XSS via the nbmsendhtmlmail, nbmsendmailas, nbmsenddetailedcontent, nbmcomplementarymailcontent, nbmsendrecentpostdates, or paramsubmit parameter. This is exploitable via CSRF...

9.6CVSS8.9AI score0.01355EPSS
Exploits4References5
CVE
CVE
added 2019/09/13 12:22 p.m.173 views

CVE-2019-13363

CVE-2019-13363 affects Piwigo 2.9.5. The vulnerability is a Cross‑Site Scripting (XSS) in the admin.php?page=notification_by_mail endpoint, exploitable via parameters such as nbm_send_html_mail, nbm_send_mail_as, nbm_send_detailed_content, nbm_complementary_mail_content, nbm_send_recent_post_date...

9.6CVSS8.8AI score0.01355EPSS
Exploits4References5Affected Software1
Cvelist
Cvelist
added 2019/09/13 12:22 p.m.35 views

CVE-2019-13363

admin.php?page=notificationbymail in Piwigo 2.9.5 has XSS via the nbmsendhtmlmail, nbmsendmailas, nbmsenddetailedcontent, nbmcomplementarymailcontent, nbmsendrecentpostdates, or paramsubmit parameter. This is exploitable via CSRF...

9AI score0.01355EPSS
Exploits4References5
Packet Storm
Packet Storm
added 2019/09/13 12:0 a.m.291 views

Piwigo 2.9.5 Cross Site Request Forgery / Cross Site Scripting

===== Tempest Security Intelligence - ADV-03/2019 ========================== Piwigo - Version 2.9.5 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents================================================== Overview Detailed description Timeline ...

0.2AI score0.01355EPSS
Exploits5
Rows per page
Query Builder