23 matches found
CVE-2020-19213
SQL Injection vulnerability in catmove.php in piwigo v2.9.5, via the selection parameter to movecategories...
CVE-2020-19217
SQL Injection vulnerability in admin/batchmanager.php in piwigo v2.9.5, via the filtercategory parameter to admin.php?page=batchmanager...
CVE-2020-19215
SQL Injection vulnerability in admin/userperm.php in piwigo v2.9.5, via the catfalse parameter to admin.php?page=userperm...
CVE-2020-19217
SQL Injection vulnerability in admin/batchmanager.php in piwigo v2.9.5, via the filtercategory parameter to admin.php?page=batchmanager...
CVE-2020-19212
SQL Injection vulnerability in admin/grouplist.php in piwigo v2.9.5, via the group parameter to delete...
CVE-2020-19212
SQL Injection vulnerability in admin/grouplist.php in piwigo v2.9.5, via the group parameter to delete...
CVE-2020-19213
SQL Injection vulnerability in catmove.php in piwigo v2.9.5, via the selection parameter to movecategories...
CVE-2020-19216
SQL Injection vulnerability in admin/userperm.php in piwigo v2.9.5, via the catfalse parameter to admin.php?page=groupperm...
CVE-2020-19216
SQL Injection vulnerability in admin/userperm.php in piwigo v2.9.5, via the catfalse parameter to admin.php?page=groupperm...
Sql injection
SQL Injection vulnerability in admin/userperm.php in piwigo v2.9.5, via the catfalse parameter to admin.php?page=userperm...
Sql injection
SQL Injection vulnerability in admin/grouplist.php in piwigo v2.9.5, via the group parameter to delete...
Sql injection
SQL Injection vulnerability in admin/batchmanager.php in piwigo v2.9.5, via the filtercategory parameter to admin.php?page=batchmanager...
Sql injection
SQL Injection vulnerability in catmove.php in piwigo v2.9.5, via the selection parameter to movecategories...
Sql injection
SQL Injection vulnerability in admin/userperm.php in piwigo v2.9.5, via the catfalse parameter to admin.php?page=groupperm...
CVE-2020-19217
SQL Injection vulnerability in admin/batchmanager.php in piwigo v2.9.5, via the filtercategory parameter to admin.php?page=batchmanager...
CVE-2020-19217
CVE-2020-19217 affects Piwigo 2.9.5. A SQL injection flaw exists in admin/batch_manager.php exploitable via the filter_category parameter, enabling injection through admin.php?page=batch_manager. The issue is caused by unsafely interpolating user-controlled input into SQL queries, as described ac...
CVE-2020-19216
SQL Injection vulnerability in admin/userperm.php in piwigo v2.9.5, via the catfalse parameter to admin.php?page=groupperm...
CVE-2020-19216
This CVE (CVE-2020-19216) affects Piwigo 2.9.5, where an SQL injection exists in admin/user_perm.php triggered via the cat_false parameter in admin.php?page=group_perm. The root cause is an injection vulnerability in the admin permission management flow, allowing potentially unauthorized access t...
CVE-2020-19215
SQL Injection vulnerability in admin/userperm.php in piwigo v2.9.5, via the catfalse parameter to admin.php?page=userperm...
CVE-2020-19213
SQL Injection vulnerability in catmove.php in piwigo v2.9.5, via the selection parameter to movecategories...