CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Piwigo: >> Piwigo >> 12.3.0 Security Vulnerabilities

CVE-2023-27233

Piwigo before 13.6.0 was discovered to contain a SQL injection vulnerability via the order[0][dir] parameter at user_list_backend.php.

CVSS Score

8.8

EPSS Score

0.004

Published

2023-05-17

CVE-2023-26876

SQL injection vulnerability found in Piwigo v.13.5.0 and before allows a remote attacker to execute arbitrary code via the filter_user_id parameter to the admin.php?page=history&filter_image_id=&filter_user_id endpoint.

CVSS Score

8.8

EPSS Score

0.51

Published

2023-04-21

CVE-2022-37183

Piwigo 12.3.0 is vulnerable to Cross Site Scripting (XSS) via /search/1940/created-monthly-list.

CVSS Score

6.1

EPSS Score

0.005

Published

2022-08-31

Page 2

Vulnerabilities

Vulnerable Software

Piwigo: >> Piwigo >> 12.3.0 Security Vulnerabilities

Products

Pricing

Contact Us