Max CVSS | 6.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2015-1517 | 6.0 |
SQL injection vulnerability in Piwigo before 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh photo set" action in the batch_manager page to admin.
|
09-10-2018 - 19:55 | 20-02-2015 - 16:59 | |
CVE-2015-2034 | 4.3 |
Cross-site scripting (XSS) vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the page parameter to admin.php.
|
30-11-2016 - 03:00 | 20-02-2015 - 16:59 | |
CVE-2015-2035 | 6.5 |
SQL injection vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote administrators to execute arbitrary SQL commands via the user parameter in the history page to admin.php.
|
30-11-2016 - 03:00 | 20-02-2015 - 16:59 |