CVE-2014-4649

2014-06-28T15:55:00
ID CVE-2014-4649
Type cve
Reporter cve@mitre.org
Modified 2014-06-30T22:10:00

Description

SQL injection vulnerability in the photo-edit subsystem in Piwigo 2.6.x and 2.7.x before 2.7.0beta2 allows remote authenticated administrators to execute arbitrary SQL commands via the associate[] field.