CVE-2021-40678

EPSS 0.19% · P41 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-40678

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

In Piwigo 11.5.0, there exists a persistent cross-site scripting in the single mode function through /admin.php?page=batch_manager&mode=unit.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Piwigo 跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Piwigo是一套基于Web的开源图片库软件。该软件包括图片管理、图片分类和权限管理等功能。 Piwigo 11.5.0版本存在安全漏洞，该漏洞源于在Piwigo系统的单模式功能中，修改图片作者参数会导致持久性跨站脚本。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2021-40678

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-40678

请登录查看更多情报信息。

Other References for CVE-2021-40678 (1)

https://github.com/Piwigo/Piwigo/issues/1476x_refsource_MISC

https://nvd.nist.gov/vuln/detail/CVE-2021-40678

Same Patch Batch · n/a · 2022-06-14 · 60 CVEs total

CVE-2022-32338		Patient Records Management System SQL注入漏洞
CVE-2022-32354		Product Show Room Site SQL注入漏洞
CVE-2022-32359		Product Show Room Site SQL注入漏洞
CVE-2022-32362		Product Show Room Site SQL注入漏洞
CVE-2022-32363		Product Show Room Site SQL注入漏洞
CVE-2022-32358		Product Show Room Site SQL注入漏洞
CVE-2021-42675		Kreado Kreasfero 代码问题漏洞
CVE-2022-31403		ITOP 跨站脚本漏洞
CVE-2022-30930		Tourism Management System 跨站请求伪造漏洞
CVE-2022-32337		Patient Records Management System SQL注入漏洞
CVE-2022-32561		Couchbase Server 安全漏洞
CVE-2022-32339		Patient Records Management System SQL注入漏洞
CVE-2022-32340		Patient Records Management System SQL注入漏洞
CVE-2022-32341		Patient Records Management System SQL注入漏洞
CVE-2022-32342		Patient Records Management System SQL注入漏洞
CVE-2022-32343		Patient Records Management System SQL注入漏洞
CVE-2022-32344		Patient Records Management System SQL注入漏洞
CVE-2022-32345		Patient Records Management System SQL注入漏洞
CVE-2022-32346		Patient Records Management System SQL注入漏洞
CVE-2022-30931		Employee Leaves Management System 跨站请求伪造漏洞

Showing top 20 of 60 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2021-40678

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-40678

I. Basic Information for CVE-2021-40678

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-40678

III. Intelligence Information for CVE-2021-40678

Other References for CVE-2021-40678 (1)

Same Patch Batch · n/a · 2022-06-14 · 60 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-40678

Leave a comment