Description
admin/languages.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the tab parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Thrive Apprentice Security Bypass (2.3.9.3)
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-17531)
Oracle JRE CVE-2018-2795 Vulnerability (CVE-2018-2795)
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-11322)
WordPress Plugin WooCommerce Stock Manager Security Bypass (1.0.7)