Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-17827 |
|
Cross-Site Request Forgery (CSRF) in piwigo (CVE-2017-17827)
vulnerability in piwigo (CVE-2017-17827). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17826 |
|
Cross-Site Scripting (XSS) in piwigo (CVE-2017-17826)
cross-site scripting in piwigo (CVE-2017-17826). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17825 |
|
Cross-Site Scripting (XSS) in piwigo (CVE-2017-17825)
cross-site scripting in piwigo (CVE-2017-17825). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17824 |
|
SQL Injection in sqli (CVE-2017-17824)
SQL injection in sqli (CVE-2017-17824). Confidential information can be exposed externally.
|
| CVE-2017-17823 |
|
SQL Injection in sqli (CVE-2017-17823)
SQL injection in sqli (CVE-2017-17823). Confidential information can be exposed externally.
|
| CVE-2017-17822 |
|
SQL Injection in sqli (CVE-2017-17822)
SQL injection in sqli (CVE-2017-17822). Confidential information can be exposed externally.
|
| CVE-2017-17775 |
|
Piwigo 2.9.2 has XSS via the name parameter in an admin.php?page=album-3-properties request.
Piwigo 2.9.2 has XSS via the name parameter in an admin.php?page=album-3-properties request.
|
| CVE-2017-17774 |
|
admin/configuration.php in Piwigo 2.9.2 has CSRF.
admin/configuration.php in Piwigo 2.9.2 has CSRF.
|
| CVE-2017-16893 |
|
SQL Injection in sqli (CVE-2017-16893)
SQL injection in sqli (CVE-2017-16893). Confidential information can be exposed externally.
|
| CVE-2016-10513 |
|
Cross-Site Scripting (XSS) in piwigo (CVE-2016-10513)
cross-site scripting in piwigo (CVE-2016-10513). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-10514 |
|
Vulnerability in piwigo (CVE-2016-10514)
vulnerability in piwigo (CVE-2016-10514). Data can be tampered with by attackers.
|
| CVE-2017-10682 |
|
SQL Injection in sqli (CVE-2017-10682)
SQL injection in sqli (CVE-2017-10682). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10681 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-10681)
vulnerability in csrf (CVE-2017-10681). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10680 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-10680)
vulnerability in csrf (CVE-2017-10680). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10679 |
|
Information Disclosure in piwigo (CVE-2017-10679)
vulnerability in piwigo (CVE-2017-10679). Confidential information can be exposed externally.
|
| CVE-2017-10678 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-10678)
vulnerability in csrf (CVE-2017-10678). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9836 |
|
Cross-Site Scripting (XSS) in piwigo (CVE-2017-9836)
cross-site scripting in piwigo (CVE-2017-9836). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9464 |
|
Open Redirect in piwigo (CVE-2017-9464)
vulnerability in piwigo (CVE-2017-9464). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9463 |
|
SQL Injection in sqli (CVE-2017-9463)
SQL injection in sqli (CVE-2017-9463). Confidential information can be exposed externally.
|
| CVE-2017-9452 |
|
Cross-Site Scripting (XSS) in piwigo (CVE-2017-9452)
cross-site scripting in piwigo (CVE-2017-9452). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-5608 |
|
Cross-Site Scripting (XSS) in piwigo (CVE-2017-5608)
cross-site scripting in piwigo (CVE-2017-5608). Risk of unauthorized operations or information disclosure.
|