CVE-2014-4648

critical

Published 2014-06-28 · Modified 2026-05-06

CVSS v3

—

CVSS v2

10.0

VIR risk

10.0

Description

Unspecified vulnerability in Piwigo before 2.6.3 has unknown impact and attack vectors, related to a "security failure."

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://piwigo.org/releases/2.6.3

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://piwigo.org/forum/viewtopic.php?id=24009

Vendor	Product	Versions
piwigo	piwigo	`{"endIncluding":"2.6.2"}`
piwigo	piwigo	`2.6.0`
piwigo	piwigo	`2.6.1`

Verify integrity in audit chain (admin only). AS-IS.