Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function.

Overview :
Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function.

CVE-2020-9467

stored XSS with pwg.images.setInfo #1168

file param. No worry with an admin, but this method can be used by a community user as well.

Originally reported by Zak S. see CVE-2020-9467

References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Assigning CNA
MITRE Corporation

 

 

Common Vulnerabilityies and Exposures

Internet Download Manager 6.37.11.1 Export/Import stack-based overflow

A vulnerability, which was classified as critical, was found in Internet Download Manager 6.37.11.1. This affects an unknown code block of the component Export/Import. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Passcovery ZIP Password Recovery 3.70.69.0 Decompression buffer overflow

A vulnerability classified as critical was found in Passcovery ZIP Password Recovery 3.70.69.0. Affected by this vulnerability is an unknown part of the component Decompression. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Portable Playable 9.18 JPEG File filename unrestricted upload

A vulnerability, which was classified as critical, has been found in Portable Playable 9.18. Affected by this issue is an unknown code of the component JPEG File Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.