CVE-2023-27233

Piwigo before 13.6.0 was discovered to contain a SQL injection vulnerability via the order0dir parameter at userlistbackend.php...

The vulnerability of the user_list_backend.php script in the Piwigo content management system allows attackers to carry out SQL injection attacks.

The vulnerability of the userlistbackend.php script in the Piwigo content management system is related to the lack of validation for the consistency of XML objects. Exploiting this vulnerability allows a malicious actor to carry out attacks based on SQL injections...

CVE-2023-27233

Piwigo before 13.6.0 was discovered to contain a SQL injection vulnerability via the order0dir parameter at userlistbackend.php...

Sql injection

Piwigo before 13.6.0 was discovered to contain a SQL injection vulnerability via the order0dir parameter at userlistbackend.php...

CVE-2023-27233

Piwigo before 13.6.0 was discovered to contain a SQL injection vulnerability via the order0dir parameter at userlistbackend.php...

Piwigo SQL注入漏洞

Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. Piwigo suffers from an SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in t...

PT-2023-2929 · Piwigo · Piwigo

Name of the Vulnerable Software and Affected Versions: Piwigo versions prior to 13.6.0 Description: The issue is related to a lack of validation of XML object sequences in the user list backend.php script of the Piwigo content management system. This can be exploited by a remote attacker to condu...