2 matches found
PT-2020-6067 · Unknown · Property-Expr
Name of the Vulnerable Software and Affected Versions: property-expr versions prior to 2.0.3 Description: The issue is related to Prototype Pollution via the setter function. It may allow a remote attacker to perform a prototype pollution attack by exploiting uncontrolled modification of object...
PT-2009-5283 · Piwigo · Piwigo
Name of the Vulnerable Software and Affected Versions: Piwigo versions prior to 2.0.3 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the items number parameter in the comments.php file. Recommendations: For versions prior to 2.0.3, update to...