2 matches found
CVE-2023-27233
Piwigo before 13.6.0 was discovered to contain a SQL injection vulnerability via the order0dir parameter at userlistbackend.php...
CVE-2023-27233
Summary: CVE-2023-27233 affects Piwigo versions before 13.6.0, where a SQL injection can be triggered via the order[0][dir] parameter in user_list_backend.php. Technical details (from sources): The vulnerability stems from inadequate validation of the order[0][dir] parameter in the backend query,...