Piwigo 'ws.php' Cross-Site Request Forgery Vulnerability

Piwigo is prone to a cross-site request-forgery vulnerability.

Exploiting this issue may allow a remote attacker to perform certain administrative actions such as adding users in the context of the application.

Piwigo 2.6.1 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus