CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-31783

show_default.php in the LocalFilesEditor extension before 11.4.0.1 for Piwigo allows Local File Inclusion because the file parameter is not validated with a proper regular-expression check.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.8%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://github.com/Piwigo/LocalFilesEditor/commit/dda691d3e45bfd166ac175c70bd8b91cb4917b6b
https://github.com/Piwigo/LocalFilesEditor/issues/2
https://piwigo.org/ext/index.php?cid=null
https://github.com/Piwigo/LocalFilesEditor/commit/dda691d3e45bfd166ac175c70bd8b91cb4917b6b
https://github.com/Piwigo/LocalFilesEditor/issues/2
https://piwigo.org/ext/index.php?cid=null

Products affected by CVE-2021-31783

Piwigo » Localfiles Editor » Version: Any

cpe:2.3:a:piwigo:localfiles_editor:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-31783

Products

Pricing

Contact Us