CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Piwigo: >> Piwigo >> 14.2.0 Security Vulnerabilities

CVE-2024-46605

A cross-site scripting (XSS) vulnerability in the component /admin.php?page=album of Piwigo v14.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description field.

CVSS Score

6.1

EPSS Score

0.001

Published

2024-10-16

CVE-2024-46606

A cross-site scripting (XSS) vulnerability in the component /admin.php?page=photo of Piwigo v14.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description field.

CVSS Score

5.4

EPSS Score

0.003

Published

2024-10-16

CVE-2024-28662

A Cross Site Scripting vulnerability exists in Piwigo before 14.3.0 script because of missing sanitization in create_tag in admin/include/functions.php.

CVSS Score

5.4

EPSS Score

0.006

Published

2024-03-13

Page 1

Vulnerabilities

Vulnerable Software

Piwigo: >> Piwigo >> 14.2.0 Security Vulnerabilities

Products

Pricing

Contact Us