CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Piwigo: >> Piwigo >> 12.2.0 Security Vulnerabilities

CVE-2022-26267

Piwigo v12.2.0 was discovered to contain an information leak via the action parameter in /admin/maintenance_actions.php.

CVSS Score

7.5

EPSS Score

0.009

Published

2022-03-18

CVE-2022-24620

Piwigo version 12.2.0 is vulnerable to stored cross-site scripting (XSS), which can lead to privilege escalation. In this way, admin can steal webmaster's cookies to get the webmaster's access.

CVSS Score

5.4

EPSS Score

0.003

Published

2022-02-24

Page 2

Vulnerabilities

Vulnerable Software

Piwigo: >> Piwigo >> 12.2.0 Security Vulnerabilities

Products

Pricing

Contact Us