Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Piwigo Improper Access Control Vulnerability - CVE-2016-10514 - Vulnerability Database
Piwigo

Piwigo Improper Access Control Vulnerability - CVE-2016-10514

Medium
Reference: CVE-2016-10514
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-10514
Title: Piwigo Improper Access Control Vulnerability
Overview:

url_check_format in include/functions.inc.php in Piwigo before 2.8.3 allows remote attackers to bypass intended access restrictions via a URL that contains a quot character or a URL beginning with a substring other than the http:// or https:// substring.