2 matches found
CVE-2018-6883
Piwigo before 2.9.3 has SQL injection in admin/tags.php in the administration panel, via the tags array parameter in an admin.php?page=tags request. The attacker must be an administrator...
CVE-2018-6883
Piwigo before 2.9.3 is affected by a SQL injection in admin/tags.php via the tags array parameter in admin.php?page=tags; the attacker must be an administrator. The issue is triggered in the administration panel, and CVE-2018-6883 is documented with CVSS metrics (2.0/4.0 base, 3.0/4.9 base) indic...