6 matches found
EUVD-2023-38670
Malicious code in bioql PyPI...
Piwigo 13.7.0 Cross Site Scripting
Exploit Title: Piwigo v13.7.0 - Stored Cross-Site Scripting XSS Authenticated Date: 25 June 2023 Exploit Author: Okan Kurtulus Vendor Homepage: https://piwigo.org Version: 13.7.0 Tested on: Ubuntu 22.04 CVE : N/A Proof of Concept: 1– Install the system through the website and log in with any user...
Sql injection
Piwigo 13.7.0 is vulnerable to SQL Injection via the "Users" function...
CVE-2023-34626
Piwigo 13.7.0 is vulnerable to SQL Injection via the "Users" function...
CVE-2023-34626
CVE-2023-34626 affects Piwigo 13.7.0 and is a SQL injection vulnerability in the "+Users" function. The connected documents corroborate the impact as SQL injection on Piwigo 13.7.0, but do not provide concrete details on the root cause, specific vulnerable query, affected versions beyond 13.7.0, ...
CVE-2023-34626
Piwigo 13.7.0 is vulnerable to SQL Injection via the "Users" function...