Piwigo.install.php.Directory.traversal
Description
This indicates an attack attempt against a Directory traversal vulnerability in Piwigo.
The vulnerability is caused by a lack of sanitizing of the "dl" parameter that is passed to "install.php". A remote attacker can exploit this to gain unauthorized access to sensitive information.
Affected Products
Piwigo before 2.4.7
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Upgrade to the version 2.4.7 available from the website.
http://piwigo.org/releases/2.4.7
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |