Description

Cross-site request forgery (CSRF) vulnerability in the LocalFiles Editor plugin in Piwigo before 2.4.7 allows remote attackers to hijack the authentication of administrators for requests that create arbitrary PHP files via unspecified vectors.

Remediation

References

CVE-2013-1468

Related Vulnerabilities

Oracle JRE CVE-2013-0438 Vulnerability (CVE-2013-0438)

SharePoint CVE-2021-31172 Vulnerability (CVE-2021-31172)

WordPress Plugin Custom 404 Pro Cross-Site Request Forgery (3.7.1)

Internet Information Services Other Vulnerability (CVE-1999-0233)

PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7484)

Severity

High

Classification

CVE-2013-1468 CWE-352

Tags

Missing Update Known Vulnerabilities