VYPR
Vendor

Pommes Frites

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2017-9426CriFeb 26, 2018
    risk 0.64cvss 9.8epss 0.03

    ws.php in the Facetag extension 0.0.3 for Piwigo allows SQL injection via the imageId parameter in a facetag.changeTag or facetag.listTags action.

  • CVE-2017-9425MedFeb 26, 2018
    risk 0.40cvss 6.1epss 0.01

    The Facetag extension 0.0.3 for Piwigo allows XSS via the name parameter to ws.php in a facetag.changeTag action.