{"id":"CVE-2021-31783","details":"show_default.php in the LocalFilesEditor extension before 11.4.0.1 for Piwigo allows Local File Inclusion because the file parameter is not validated with a proper regular-expression check.","modified":"2026-07-08T05:59:46.671308556Z","published":"2021-04-26T19:15:08.583Z","database_specific":{"unresolved_ranges":[{"cpes":["cpe:2.3:a:piwigo:localfiles_editor:*:*:*:*:*:piwigo:*:*"],"extracted_events":[{"fixed":"11.4.0.1"}],"source":"CPE_RANGE","vendor_product":"piwigo:localfiles_editor"},{"extracted_events":[{"fixed":"11.4.0.1"}],"source":"DESCRIPTION"}]},"references":[{"type":"ADVISORY","url":"https://piwigo.org/ext/index.php?cid=null"},{"type":"REPORT","url":"https://github.com/Piwigo/LocalFilesEditor/issues/2"},{"type":"FIX","url":"https://github.com/Piwigo/LocalFilesEditor/commit/dda691d3e45bfd166ac175c70bd8b91cb4917b6b"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/piwigo/localfileseditor","events":[{"introduced":"0"},{"fixed":"dda691d3e45bfd166ac175c70bd8b91cb4917b6b"}],"database_specific":{"source":"REFERENCES"}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-31783.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}