Lucene search
+L

15 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-30286

Malware in sbrugna...

5.4CVSS5.4AI score0.23822EPSS
Exploits2References4
redhatcve
redhatcve
added 2025/05/22 4:28 p.m.7 views

CVE-2020-9467

Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function...

5.4CVSS5.6AI score0.23822EPSS
Exploits2References1
exploitdb
exploitdb
added 2020/09/16 12:0 a.m.993 views

Piwigo 2.10.1 - Cross Site Scripting

Exploit Title: Piwigo 2.10.1 - Cross Site Scripting POC by: Iridium Software Homepage: http://www.piwigo.org Version : 2.10.1 Tested on: Linux & Windows Category: webapps Google Dork: intext: "Powered by Piwigo" CVE : CVE-2020-9467 Description Piwigo 2.10.1 has stored XSS via the file parameter i...

5.4CVSS5.5AI score0.23822EPSS
Exploits2
packetstorm
packetstorm
added 2020/09/16 12:0 a.m.480 views

Piwigo 2.10.1 Cross Site Scripting

Exploit Title: Piwigo 2.10.1 - Cross Site Scripting POC by: Iridium Software Homepage: http://www.piwigo.org Version : 2.10.1 Tested on: Linux & Windows Category: webapps Google Dork: intext: "Powered by Piwigo" CVE : CVE-2020-9467 Description Piwigo 2.10.1 has stored XSS via the file parameter i...

3.5CVSS5.5AI score0.23822EPSS
Exploits2
nvd
nvd
added 2020/03/26 8:15 p.m.12 views

CVE-2020-9467

Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function...

5.4CVSS5.2AI score0.23822EPSS
Exploits2References2
osv
osv
added 2020/03/26 8:15 p.m.10 views

CVE-2020-9467

Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function...

5.4CVSS5.5AI score
Exploits0References2
ubuntucve
ubuntucve
added 2020/03/26 8:15 p.m.17 views

CVE-2020-9467

Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function...

5.4CVSS6AI score0.23822EPSS
Exploits2References2
cvelist
cvelist
added 2020/03/26 7:9 p.m.17 views

CVE-2020-9467

Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function...

5.2AI score0.23822EPSS
Exploits2References2
ubuntucve
ubuntucve
added 2018/03/16 5:29 p.m.44 views

CVE-2014-4613

Cross-site request forgery CSRF vulnerability in the administration panel in Piwigo before 2.6.2 allows remote attackers to hijack the authentication of administrators for requests that add users via a pwg.users.add action in a request to ws.php...

6.5CVSS6.7AI score0.03225EPSS
Exploits1References2
cvelist
cvelist
added 2018/03/16 5:0 p.m.23 views

CVE-2014-4613

Cross-site request forgery CSRF vulnerability in the administration panel in Piwigo before 2.6.2 allows remote attackers to hijack the authentication of administrators for requests that add users via a pwg.users.add action in a request to ws.php...

6.7AI score0.03225EPSS
Exploits1References8
nvd
nvd
added 2018/03/06 5:29 p.m.20 views

CVE-2018-7722

The management panel in Piwigo 2.9.3 has stored XSS via the name parameter in a /ws.php?format=json request. CSRF exploitation, related to CVE-2017-10681, may be possible...

5.4CVSS5.5AI score0.00548EPSS
Exploits1References1
osv
osv
added 2018/02/26 4:29 a.m.20 views

CVE-2017-9425

The Facetag extension 0.0.3 for Piwigo allows XSS via the name parameter to ws.php in a facetag.changeTag action...

6.1CVSS6.1AI score
Exploits0References3
cvelist
cvelist
added 2018/02/26 4:0 a.m.28 views

CVE-2017-9425

The Facetag extension 0.0.3 for Piwigo allows XSS via the name parameter to ws.php in a facetag.changeTag action...

6AI score0.01379EPSS
Exploits1References3
cnvd
cnvd
added 2018/02/26 12:0 a.m.4 views

Facetag Cross-Site Scripting Vulnerability

Piwigo is a web-based photo album software from Piwigo team. The software supports photo publishing, management, multiple browsing categories, tags, time, etc. Facetag extension is one of the face tagging plugins. A cross-site scripting vulnerability exists in version 0.0.3 of the Piwigo Facetag...

6.1CVSS6.3AI score0.01379EPSS
Exploits1References1
cnvd
cnvd
added 2018/02/26 12:0 a.m.9 views

Piwigo Facetag Extension SQL Injection Vulnerability

Piwigo is a web-based photo album software from Piwigo team. The software supports photo publishing, management, multiple browsing categories, tags, time, etc. Facetag extension is one of the face tagging plugins. A SQL injection vulnerability exists in the ws.php file in version 0.0.3 of the...

9.8CVSS8.2AI score0.02719EPSS
Exploits1References1
Rows per page
Query Builder