← voltar
CVE-2016-10514

CVE-2016-10514

EPSS 1.2%
url_check_format in include/functions.inc.php in Piwigo before 2.8.3 allows remote attackers to bypass intended access restrictions via a URL that contains a " character, or a URL beginning with a substring other than the http:// or https:// substring.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://piwigo.org/releases/2.8.3https://github.com/Piwigo/Piwigo/commit/b3157cbfd859c914911b114d4edbba4654758b57https://github.com/Piwigo/Piwigo/issues/547