3 matches found
CVE-2015-2035
SQL injection vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote administrators to execute arbitrary SQL commands via the user parameter in the history page to admin.php...
CVE-2015-2035
SQL injection vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote administrators to execute arbitrary SQL commands via the user parameter in the history page to admin.php...
CVE-2015-2035
CVE-2015-2035 affects Piwigo (PHP-based photo gallery) with an SQL injection in the administrative backend. The vulnerability exists in admin.php on the history page, where the user parameter is unsafely used in SQL queries, allowing remote attackers with admin access to execute arbitrary SQL com...