Lucene search

[email protected]NVD:CVE-2013-1468

HistoryMar 14, 2013 - 3:13 a.m.

CVE-2013-1468

2013-03-1403:13:32

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

Low

EPSS

0.316

Percentile

97.1%

JSON

Cross-site request forgery (CSRF) vulnerability in the LocalFiles Editor plugin in Piwigo before 2.4.7 allows remote attackers to hijack the authentication of administrators for requests that create arbitrary PHP files via unspecified vectors.

Affected configurations

Nvd

Node

piwigopiwigoRange≤2.4.6

piwigopiwigoMatch1.0.0-

piwigopiwigoMatch1.0.1

piwigopiwigoMatch1.0.2

piwigopiwigoMatch1.1.0

piwigopiwigoMatch1.2.0

piwigopiwigoMatch1.2.1

piwigopiwigoMatch1.3.0

piwigopiwigoMatch1.3.1

piwigopiwigoMatch1.3.2

piwigopiwigoMatch1.3.3

piwigopiwigoMatch1.3.4

piwigopiwigoMatch1.4.0

piwigopiwigoMatch1.4.1

piwigopiwigoMatch1.5.0

piwigopiwigoMatch1.5.1

piwigopiwigoMatch1.5.2

piwigopiwigoMatch1.6.0

piwigopiwigoMatch1.6.1

piwigopiwigoMatch1.6.2

piwigopiwigoMatch1.7.0

piwigopiwigoMatch1.7.1

piwigopiwigoMatch1.7.2

piwigopiwigoMatch1.7.3

piwigopiwigoMatch2.0

piwigopiwigoMatch2.0.0

piwigopiwigoMatch2.0.1

piwigopiwigoMatch2.0.2

piwigopiwigoMatch2.0.3

piwigopiwigoMatch2.0.4

piwigopiwigoMatch2.0.5

piwigopiwigoMatch2.0.6

piwigopiwigoMatch2.0.7

piwigopiwigoMatch2.0.8

piwigopiwigoMatch2.0.9

piwigopiwigoMatch2.0.10

piwigopiwigoMatch2.1.0

piwigopiwigoMatch2.1.1

piwigopiwigoMatch2.1.2

piwigopiwigoMatch2.1.3

piwigopiwigoMatch2.1.4

piwigopiwigoMatch2.1.5

piwigopiwigoMatch2.1.6

piwigopiwigoMatch2.2.0

piwigopiwigoMatch2.2.1

piwigopiwigoMatch2.2.2

piwigopiwigoMatch2.2.3

piwigopiwigoMatch2.2.4

piwigopiwigoMatch2.2.5

piwigopiwigoMatch2.3.0

piwigopiwigoMatch2.3.1

piwigopiwigoMatch2.3.2

piwigopiwigoMatch2.3.3

piwigopiwigoMatch2.3.4

piwigopiwigoMatch2.3.5

piwigopiwigoMatch2.4.0

piwigopiwigoMatch2.4.1

piwigopiwigoMatch2.4.2

piwigopiwigoMatch2.4.3

piwigopiwigoMatch2.4.4

piwigopiwigoMatch2.4.5

VendorProductVersionCPE
piwigopiwigo*cpe:2.3:a:piwigo:piwigo:*:*:*:*:*:*:*:*
piwigopiwigo1.0.0cpe:2.3:a:piwigo:piwigo:1.0.0:-:*:*:*:*:*:*
piwigopiwigo1.0.1cpe:2.3:a:piwigo:piwigo:1.0.1:*:*:*:*:*:*:*
piwigopiwigo1.0.2cpe:2.3:a:piwigo:piwigo:1.0.2:*:*:*:*:*:*:*
piwigopiwigo1.1.0cpe:2.3:a:piwigo:piwigo:1.1.0:*:*:*:*:*:*:*
piwigopiwigo1.2.0cpe:2.3:a:piwigo:piwigo:1.2.0:*:*:*:*:*:*:*
piwigopiwigo1.2.1cpe:2.3:a:piwigo:piwigo:1.2.1:*:*:*:*:*:*:*
piwigopiwigo1.3.0cpe:2.3:a:piwigo:piwigo:1.3.0:*:*:*:*:*:*:*
piwigopiwigo1.3.1cpe:2.3:a:piwigo:piwigo:1.3.1:*:*:*:*:*:*:*
piwigopiwigo1.3.2cpe:2.3:a:piwigo:piwigo:1.3.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
piwigo	piwigo	*	cpe:2.3:a:piwigo:piwigo::::::::
piwigo	piwigo	1.0.0	cpe:2.3:a:piwigo:piwigo:1.0.0:-::::::
piwigo	piwigo	1.0.1	cpe:2.3:a:piwigo:piwigo:1.0.1:::::::*
piwigo	piwigo	1.0.2	cpe:2.3:a:piwigo:piwigo:1.0.2:::::::*
piwigo	piwigo	1.1.0	cpe:2.3:a:piwigo:piwigo:1.1.0:::::::*
piwigo	piwigo	1.2.0	cpe:2.3:a:piwigo:piwigo:1.2.0:::::::*
piwigo	piwigo	1.2.1	cpe:2.3:a:piwigo:piwigo:1.2.1:::::::*
piwigo	piwigo	1.3.0	cpe:2.3:a:piwigo:piwigo:1.3.0:::::::*
piwigo	piwigo	1.3.1	cpe:2.3:a:piwigo:piwigo:1.3.1:::::::*
piwigo	piwigo	1.3.2	cpe:2.3:a:piwigo:piwigo:1.3.2:::::::*