Show filters
7 Total Results
Displaying 1-7 of 7
Sort by:
Attacker Value
Unknown
CVE-2020-19217
Disclosure Date: May 06, 2022 (last updated February 23, 2025)
SQL Injection vulnerability in admin/batch_manager.php in piwigo v2.9.5, via the filter_category parameter to admin.php?page=batch_manager.
0
Attacker Value
Unknown
CVE-2020-19216
Disclosure Date: May 06, 2022 (last updated February 23, 2025)
SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=group_perm.
0
Attacker Value
Unknown
CVE-2020-19215
Disclosure Date: May 06, 2022 (last updated February 23, 2025)
SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=user_perm.
0
Attacker Value
Unknown
CVE-2020-19213
Disclosure Date: May 06, 2022 (last updated February 23, 2025)
SQL Injection vulnerability in cat_move.php in piwigo v2.9.5, via the selection parameter to move_categories.
0
Attacker Value
Unknown
CVE-2020-19212
Disclosure Date: May 06, 2022 (last updated February 23, 2025)
SQL Injection vulnerability in admin/group_list.php in piwigo v2.9.5, via the group parameter to delete.
0
Attacker Value
Unknown
CVE-2019-13364
Disclosure Date: September 13, 2019 (last updated November 27, 2024)
admin.php?page=account_billing in Piwigo 2.9.5 has XSS via the vat_number, billing_name, company, or billing_address parameter. This is exploitable via CSRF.
0
Attacker Value
Unknown
CVE-2019-13363
Disclosure Date: September 13, 2019 (last updated November 27, 2024)
admin.php?page=notification_by_mail in Piwigo 2.9.5 has XSS via the nbm_send_html_mail, nbm_send_mail_as, nbm_send_detailed_content, nbm_complementary_mail_content, nbm_send_recent_post_dates, or param_submit parameter. This is exploitable via CSRF.
0
