CVE-2016-10105

Опубликовано: 03 янв. 2017

Источник: debian

Описание

admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections variable while using it to include files. This can cause information disclosure and code execution if it contains a .. sequence.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
piwigo	removed			package

Связанные уязвимости

CVE-2016-10105

CVSS3: 9.8

ubuntu

около 9 лет назад

admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections variable while using it to include files. This can cause information disclosure and code execution if it contains a .. sequence.

CVE-2016-10105

CVSS3: 9.8

nvd

около 9 лет назад

admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections variable while using it to include files. This can cause information disclosure and code execution if it contains a .. sequence.

GHSA-f2gv-hp27-8fjf

CVSS3: 9.8

github

больше 3 лет назад

admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections variable while using it to include files. This can cause information disclosure and code execution if it contains a .. sequence.