~ubuntu-security/ubuntu-cve-tracker/master : contents of retired/CVE-2016-10085 at revision 13266

~ubuntu-security/ubuntu-cve-tracker/master : (revision 13266)

browse files
view with revision information
view revision
view changes to this file
download file

Candidate: CVE-2016-10085
PublicDate: 2016-12-30
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10085
 https://github.com/Piwigo/Piwigo/commit/4b33a0fd199fd445b15a49927ea6a9a153e3877d
 https://github.com/Piwigo/Piwigo/issues/573#issuecomment-267974558
Description:
 admin/languages.php in Piwigo through 2.8.3 allows remote authenticated
 administrators to conduct File Inclusion attacks via the tab parameter.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:

Patches_piwigo:
upstream_piwigo: needs-triage
precise_piwigo: ignored (reached end-of-life)
precise/esm_piwigo: DNE (precise was needed)
trusty_piwigo: DNE
vivid/stable-phone-overlay_piwigo: DNE
vivid/ubuntu-core_piwigo: DNE
xenial_piwigo: DNE
yakkety_piwigo: DNE
zesty_piwigo: DNE
devel_piwigo: DNE