Vulners
Lucene search
2 matches found
CVE-2019-13363
admin.php?page=notificationbymail in Piwigo 2.9.5 has XSS via the nbmsendhtmlmail, nbmsendmailas, nbmsenddetailedcontent, nbmcomplementarymailcontent, nbmsendrecentpostdates, or paramsubmit parameter. This is exploitable via CSRF...
9.6CVSS8.9AI score0.01355EPSS
Exploits4References5
Cross site request forgery (csrf)
admin.php?page=notificationbymail in Piwigo 2.9.5 has XSS via the nbmsendhtmlmail, nbmsendmailas, nbmsenddetailedcontent, nbmcomplementarymailcontent, nbmsendrecentpostdates, or paramsubmit parameter. This is exploitable via CSRF...
6.8CVSS8.7AI score0.01355EPSS
Exploits4References5Affected Software1
20