Filtered by vendor Facetag Project
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9426 | 1 Facetag Project | 1 Facetag | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ws.php in the Facetag extension 0.0.3 for Piwigo allows SQL injection via the imageId parameter in a facetag.changeTag or facetag.listTags action. | |||||
| CVE-2017-9425 | 1 Facetag Project | 1 Facetag | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Facetag extension 0.0.3 for Piwigo allows XSS via the name parameter to ws.php in a facetag.changeTag action. | |||||