CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

CNVD•added 2022/05/09 12:0 a.m.•13 views

Piwigo admin/user_perm.php SQL Injection Vulnerability

Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. Piwigo admin/userperm.php has a SQL injection vulnerability that can be exploited by an attacker to inject it into admin.php via the...

8.8CVSS7.7AI score0.00255EPSS

Exploits1References1

NVD•added 2022/05/06 2:15 p.m.•12 views

CVE-2020-19215

SQL Injection vulnerability in admin/userperm.php in piwigo v2.9.5, via the catfalse parameter to admin.php?page=userperm...

8.8CVSS0.00255EPSS

Exploits1References1

Prion•added 2022/05/06 2:15 p.m.•13 views

Sql injection

SQL Injection vulnerability in admin/userperm.php in piwigo v2.9.5, via the catfalse parameter to admin.php?page=groupperm...

6.5CVSS9AI score0.00255EPSS

Exploits1References1Affected Software1

Prion•added 2022/05/06 2:15 p.m.•13 views

Sql injection

SQL Injection vulnerability in admin/userperm.php in piwigo v2.9.5, via the catfalse parameter to admin.php?page=userperm...

6.5CVSS9AI score0.00255EPSS

Exploits1References1Affected Software1

CVE•added 2022/05/06 1:55 p.m.•46 views

CVE-2020-19215

CVE-2020-19215 describes a SQL injection in Piwigo v2.9.5, exploiting the admin/user_perm.php component via the cat_false parameter in admin.php?page=user_perm. The root cause is an injectable input handling within that admin page; impact is partial to high depending on the document’s CVSS data, ...

8.8CVSS9AI score0.00255EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by