1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
Candidate: CVE-2016-10085
PublicDate: 2016-12-30
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10085
https://github.com/Piwigo/Piwigo/commit/4b33a0fd199fd445b15a49927ea6a9a153e3877d
https://github.com/Piwigo/Piwigo/issues/573#issuecomment-267974558
Description:
admin/languages.php in Piwigo through 2.8.3 allows remote authenticated
administrators to conduct File Inclusion attacks via the tab parameter.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
Patches_piwigo:
upstream_piwigo: needs-triage
precise_piwigo: ignored (reached end-of-life)
precise/esm_piwigo: DNE (precise was needed)
trusty_piwigo: DNE
vivid/stable-phone-overlay_piwigo: DNE
vivid/ubuntu-core_piwigo: DNE
xenial_piwigo: DNE
yakkety_piwigo: DNE
zesty_piwigo: DNE
devel_piwigo: DNE
|