Piwigo is image gallery software written in PHP. When a criteria is not met on a host, piwigo defaults to usingmt_rand in order to generate password reset tokens. mt_rand output can be predicted after recovering the seed used to generate it. This low an unauthenticated attacker to take over an account providing they know an administrators email address in order to be able to request password reset.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HPiwigo
APPPiwigo< 2.8.1
Related vulnerabilities
Piwigo is an open source photo gallery application. Prior to version 14.0.0beta4, a reflected cross-site scrip...
Piwigo 13.6.0 is vulnerable to SQL Injection via in the "profile" function.
Piwigo 13.6.0 is vulnerable to SQL Injection via /admin/permalinks.php.
SQL Injection vulnerability in cat_move.php in piwigo v2.9.5, via the selection parameter to move_categories.
Piwigo 11.4.0 allows admin/user_list_backend.php order[0][dir] SQL Injection.