PT-2026-23645

Name of the Vulnerable Software and Affected Versions Home-Gallery.org versions prior to 1.21.0 Description The application does not verify if a requested file for download is within the expected media source directory. This can allow an attacker to download sensitive system files. Recommendation...

PT-2026-21769

Name of the Vulnerable Software and Affected Versions Piwigo versions 14.x Description Piwigo is a photo gallery application for the web. In versions on the 14.x branch, the secret key configuration parameter is set to MD5RAND during installation when using MySQL. The RAND function has limited...

Piwigo SQL注入漏洞

Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. A security vulnerability exists in Piwigo version 13.6.0, which stems from a problem with the configuration file functionality and can...

piwigo SQL注入漏洞

Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. piwigo admin/grouplist.php has a SQL injection vulnerability that can be exploited by attackers to delete via the group parameter...