4 matches found
CVE-2026-27885
Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, a SQL Injection vulnerability was discovered in Piwigo affecting the Activity List API endpoint. This vulnerability allows an authenticated administrator to extract sensitive data from the database, including...
CVE-2026-27885 Piwigo: SQL Injection in Activity.getList
Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, a SQL Injection vulnerability was discovered in Piwigo affecting the Activity List API endpoint. This vulnerability allows an authenticated administrator to extract sensitive data from the database, including...
CVE-2026-27885
CVE-2026-27885 affects Piwigo prior to version 16.3.0. A SQL injection vulnerability exists in the Activity.getList/API endpoint, exploitable by an authenticated administrator which can lead to leakage of sensitive data (user credentials, email addresses, and all stored content). The root cause i...
Piwigo SQL注入漏洞
Piwigo is a web-based open-source image library software developed by Piwigo contributors. This software includes functions such as image management, image classification, and permission management. Versions of Piwigo prior to 16.3.0 had a SQL injection vulnerability. This vulnerability stemmed...