Description

SQL Injection vulnerability in admin/group_list.php in piwigo v2.9.5, via the group parameter to delete.

Remediation

References

CVE-2020-19212

Related Vulnerabilities

WordPress Plugin Gravity Forms Arbitrary File Upload (1.8.19)

Joomla CVE-2006-4469 Vulnerability (CVE-2006-4469)

Joomla! Core Cross-Site Scripting (2.5.0 - 3.9.24)

WordPress Plugin ProfileGrid-User Profiles, Groups and Communities Unspecified Vulnerability (2.6.4)

OpenSSL Improper Certificate Validation Vulnerability (CVE-2023-0466)

Severity

Medium

Classification

CVE-2020-19212 CWE-138 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities