CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Piwigo: >> Piwigo >> 2.4.0 Security Vulnerabilities

CVE-2013-1468

Cross-site request forgery (CSRF) vulnerability in the LocalFiles Editor plugin in Piwigo before 2.4.7 allows remote attackers to hijack the authentication of administrators for requests that create arbitrary PHP files via unspecified vectors.

CVSS Score

7.6

EPSS Score

0.188

Published

2013-03-14

CVE-2013-1469

Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the dl parameter.

CVSS Score

4.0

EPSS Score

0.516

Published

2013-03-13

Page 5

Vulnerabilities

Vulnerable Software

Piwigo: >> Piwigo >> 2.4.0 Security Vulnerabilities

Products

Pricing

Contact Us