CVE-2016-10105

Publication date

2017-01-03 06:34:00

Family

mitre

State

PUBLISHED

Description

admin/plugin.php in Piwigo through 2.8.3 doesnt validate the sections variable while using it to include files. This can cause information disclosure and code execution if it contains a .. sequence.