Description
SQL injection vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote administrators to execute arbitrary SQL commands via the user parameter in the history page to admin.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.10.1)
Apache read beyond bounds via ap_rwrite() Vulnerability (CVE-2022-28614)
Claroline Other Vulnerability (CVE-2006-1596)
Mailman Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4624)
WordPress Plugin Simply Instagram Cross-Site Scripting (1.2.6)