CVE-2013-1468

NameCVE-2013-1468
DescriptionCross-site request forgery (CSRF) vulnerability in the LocalFiles Editor plugin in Piwigo before 2.4.7 allows remote attackers to hijack the authentication of administrators for requests that create arbitrary PHP files via unspecified vectors.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
piwigosourcesqueeze(unfixed)end-of-life
piwigosource(unstable)(unfixed)

Notes

[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
Request to mark the package as unsupported in #779104
https://www.htbridge.com/advisory/HTB23144
Search for package or bug name: Reporting problems