Announcement

#1 2012-10-11 08:56:22

Henri Salo
Guest

Information of Piwigo 2.3.2 Shell Upload

Hello,

There was security advisory about "Piwigo 2.3.2 Shell Upload" in http://packetstormsecurity.org/files/11 … -shell.txt

Could you tell me more information about this? To me that does not look like a security vulnerability. Logged in administrator can upload pictures.

This issue is listed in OSVDB as well in: http://osvdb.org/show/osvdb/79663

 

#2 2012-10-11 09:00:23

plg
Piwigo Team
Nantes, France, Europe
2002-04-05
13603

Re: Information of Piwigo 2.3.2 Shell Upload

Hi Henri,

I remember I have already replied to this "vulnerability". Photo upload by visitors is a feature enabled by plugin Community. I don't see any "vulnerability" described here.

Offline

 

Board footer

Powered by FluxBB

github twitter newsletter Donate Piwigo.org © 2002-2022 · Contact