CVE-2015-1517
Piwigo prior to 2.7.4 is affected by an SQL injection in the batch_manager page. When an authenticated user applies all filters and submits Refresh photo set, the parameter filter_level is injectable, enabling boolean-based, error-based and time-based blind SQL injection and potentially arbitrary...