Vulnerability in Piwigo

CVE-2016-3735

Piwigo is image gallery software written in PHP. When a criterion is not met on a host, Piwigo defaults to using mt_rand to generate password reset tokens. mt_rand output can be predicted after recovering the seed used to generate i…

EPSS: 0.019 (83.5th percentile)

Affected products

  • N/a Piwigo — versions piwigo < 2.8.1
