Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Multimedia

Piwigo

Piwigo is a photo gallery software for the web built by an active community of users and developers. Extensions make Piwigo easily customizable. Icing on the cake Piwigo is free and opensource.

Official Site:

http://tr.piwigo.org/

Severity Summary:

Critical: 9 High: 27 Medium: 50
Reference
Title
Severity
CVE-2014-4648
Piwigo Vulnerability
Critical
CVE-2019-13364
Piwigo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Critical
CVE-2019-13363
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability
Critical
CVE-2020-19213
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2023-33362
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2023-33361
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2016-10105
Piwigo Improper Access Control Vulnerability
Critical
CVE-2017-10682
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2021-32615
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2017-17827
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2012-2208
Piwigo Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2020-19215
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2020-19216
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2020-19217
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2014-9115
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2021-27973
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2022-26266
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2022-26267
Piwigo Exposure of Resource to Wrong Sphere Vulnerability
High
CVE-2016-3735
Piwigo Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) Vulnerability
High
CVE-2021-40313
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2017-17774
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2016-10084
Piwigo Improper Access Control Vulnerability
High
CVE-2021-40553
Piwigo Improper Neutralization of Special Elements used in a Command (Command Injection) Vulnerability
High
CVE-2016-10085
Piwigo Improper Access Control Vulnerability
High
CVE-2021-40317
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2009-2933
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2015-1441
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2022-32297
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2017-10678
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2017-10679
Piwigo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High