2 matches found
CVE-2017-17823
The Configuration component of Piwigo 2.9.2 is vulnerable to SQL Injection via the admin/configuration.php orderby array parameter. An attacker can exploit this to gain access to the data in a connected MySQL database...
CVE-2017-17823
The CVE-2017-17823 entry describes a SQL Injection in Piwigo 2.9.2’s Configuration component, exploitable via the admin/configuration.php order_by array parameter. Impact stated: an attacker can access data in the connected MySQL database. The connected records confirm this issue across multiple ...