Description

SQL Injection vulnerability in admin/group_list.php in piwigo v2.9.5, via the group parameter to delete.

Remediation

References

CVE-2020-19212

Related Vulnerabilities

WordPress Plugin FCChat Widget 'path' Parameter Cross-Site Scripting (2.1.7)

ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3834)

WordPress Plugin PayPal Shopping Cart Multiple Vulnerabilities (1.1.9)

MySQL CVE-2024-21166 Vulnerability (CVE-2024-21166)

WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Cross-Site Scripting (2.3.0)

Severity

Medium

Classification

CVE-2020-19212 CWE-138 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities