CVE-2025-56694
5.8MEDIUMClient-side password validation (CWE-602) in lumasoft fotoShare Cloud 2025-03-13 allowing unauthenticated attackers to view password-protected photo albums.
Published: 8/27/2025Updated: 9/9/2025
Description
Client-side password validation (CWE-602) in lumasoft fotoShare Cloud 2025-03-13 allowing unauthenticated attackers to view password-protected photo albums.
AI AnalysisPowered by AI
Affected Products
lumasoftfotoshare_cloud
2025-03-13
References
- https://fotoshare.co/Product
- https://inf0sectom.github.io/posts/fotoshareco/ExploitThird Party Advisory
- https://support.lumasoft.co/hc/en-us/articles/360046797573-Event-Privacy-and-Link-SharingProduct