Description
Cross-site request forgery (CSRF) vulnerability in the LocalFiles Editor plugin in Piwigo before 2.4.7 allows remote attackers to hijack the authentication of administrators for requests that create arbitrary PHP files via unspecified vectors.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2013-0438 Vulnerability (CVE-2013-0438)
SharePoint CVE-2021-31172 Vulnerability (CVE-2021-31172)
WordPress Plugin Custom 404 Pro Cross-Site Request Forgery (3.7.1)
Internet Information Services Other Vulnerability (CVE-1999-0233)
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7484)