CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Piwigo: >> Piwigo >> 13.1.0 Security Vulnerabilities

CVE-2023-27233

Piwigo before 13.6.0 was discovered to contain a SQL injection vulnerability via the order[0][dir] parameter at user_list_backend.php.

CVSS Score

8.8

EPSS Score

0.004

Published

2023-05-17

CVE-2023-26876

SQL injection vulnerability found in Piwigo v.13.5.0 and before allows a remote attacker to execute arbitrary code via the filter_user_id parameter to the admin.php?page=history&filter_image_id=&filter_user_id endpoint.

CVSS Score

8.8

EPSS Score

0.51

Published

2023-04-21

Page 2

Vulnerabilities

Vulnerable Software

Piwigo: >> Piwigo >> 13.1.0 Security Vulnerabilities

Products

Pricing

Contact Us