← volver
CVE-2016-10514

CVE-2016-10514

EPSS 1.2%
url_check_format in include/functions.inc.php in Piwigo before 2.8.3 allows remote attackers to bypass intended access restrictions via a URL that contains a " character, or a URL beginning with a substring other than the http:// or https:// substring.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://piwigo.org/releases/2.8.3https://github.com/Piwigo/Piwigo/commit/b3157cbfd859c914911b114d4edbba4654758b57https://github.com/Piwigo/Piwigo/issues/547