3 matches found
CVE-2021-40313
Piwigo v11.5 was discovered to contain a SQL injection vulnerability via the parameter pwgtoken in /admin/batchmanagerglobal.php...
Piwigo <= 12.2.0 Multiple Vulnerabilities
Piwigo is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:piwigo:piwigo"; if description...
CVE-2021-40313
CVE-2021-40313 affects Piwigo v11.5, with a SQL injection vulnerability in the pwg_token parameter of /admin/batch_manager_global.php. The issue is caused by insufficient escaping/ filtering, as reported across sources (NVD entry and Red Hat/CVE references). Impact is described as SQL injection w...