Description Piwigo 13.6.0 is vulnerable to SQL Injection via in the "profile" function. Remediation References CVE-2023-33362 Related Vulnerabilities Joomla! Core 1.0.x SQL Injection (1.0.0 - 1.0.11) Jenkins Observable Discrepancy Vulnerability (CVE-2022-34174) WordPress Plugin Email Before Download SQL Injection (6.7) Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8399) CakePHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3712) Severity Critical Classification CVE-2023-33362 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities