8 matches found
EUVD-2017-2329
Malware in sbrugna...
CVE-2017-9836
Cross-site scripting XSS vulnerability in Piwigo 2.9.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the virtualname parameter to /admin.php i.e., creating a virtual album...
CVE-2017-10680
Cross-site request forgery CSRF vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to change a private album to public via a crafted request...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to unlock albums via a crafted request...
CVE-2017-10681
Cross-site request forgery CSRF vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to unlock albums via a crafted request...
CVE-2017-10678
Cross-site request forgery CSRF vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to delete permalinks via a crafted request...
CVE-2017-10680
Cross-site request forgery CSRF vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to change a private album to public via a crafted request...
Cross site scripting
Cross-site scripting XSS vulnerability in Piwigo 2.9.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the virtualname parameter to /admin.php i.e., creating a virtual album...