Description

Piwigo 11.5.0 is affected by a SQL injection vulnerability via admin.php and the id parameter.

Remediation

References

CVE-2021-40317

Related Vulnerabilities

Oracle HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-40438)

WordPress Plugin Countdown Block Security Bypass (1.1.1)

WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (8.1.9)

Oracle Application Server CVE-2009-1009 Vulnerability (CVE-2009-1009)

WordPress Plugin Justified Gallery Cross-Site Scripting (1.7.0)

Severity

High

Classification

CVE-2021-40317 CWE-138 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities