Description Piwigo 13.6.0 is vulnerable to SQL Injection via in the "profile" function. Remediation References CVE-2023-33362 Related Vulnerabilities Oracle HTTP Server Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4184) PHP Other Vulnerability (CVE-2007-2727) WordPress Plugin WP Google Maps Cross-Site Scripting (7.10.41) WordPress 4.7.x Directory Traversal (4.7 - 4.7.28) MathJax Inefficient Regular Expression Complexity Vulnerability (CVE-2023-39663) Severity Critical Classification CVE-2023-33362 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities