CVE-2016-10085

CVE-2016-10085

EPSS 1.8%

admin/languages.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the tab parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/Piwigo/Piwigo/commit/4b33a0fd199fd445b15a49927ea6a9a153e3877d https://github.com/Piwigo/Piwigo/issues/573#issuecomment-267974558 http://www.securityfocus.com/bid/95167