SQL injection vulnerability in the photo-edit subsystem in Piwigo 2.6.x and 2.7.x prior to 2.7.0beta2 allows remote authenticated administrators to execute arbitrary SQL commands via the associate[] field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
piwigo piwigo 2.6.3 |
||
piwigo piwigo 2.6.2 |
||
piwigo piwigo 2.6.1 |
||
piwigo piwigo 2.7.0 |
||
piwigo piwigo 2.6.0 |