Iridium

1 exploit Active since Mar 2020
CVE-2020-9467 EXPLOITDB MEDIUM text WORKING POC
Piwigo 2.10.1 - Stored Cross-Site Scripting via pwg.images.setInfo File Parameter
Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function.
CVSS 5.4