CVE-2016-10085

Publication date 30 December 2016

Last updated 25 August 2025


Ubuntu priority

Cvss 3 Severity Score

7.2 · High

Score breakdown

Description

admin/languages.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the tab parameter.

Status

Package Ubuntu Release Status
piwigo 17.04 zesty Not in release
16.10 yakkety Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
12.04 LTS precise Ignored end of life

Severity score breakdown

CVSS version: CVSS v3.0

Base score 7.2 · High

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H


Access our resources on patching vulnerabilities