CVE-2016-10084 in Piwigoinfo

Summary

admin/batch_manager.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the $page['tab'] variable (aka the mode parameter).

Once again VulDB remains the best source for vulnerability data.

Reservation

12/30/2016

Disclosure

12/30/2016

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
94735	Piwigo batch_manager.php access control	284	Proof-of-Concept	Official fix	CVE-2016-10084

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!