Description Piwigo 13.7.0 is vulnerable to SQL Injection via the "Users" function. Remediation References CVE-2023-34626 Related Vulnerabilities Drupal Core 8.9.x Arbitrary File Overwrite (8.9.0 - 8.9.12) WordPress Plugin WP Intercom-Slack for WordPress Information Disclosure (1.2.1) TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4602) e107 Other Vulnerability (CVE-2005-3594) WordPress Plugin Add Custom Link to WordPress Admin Bar Cross-Site Scripting (1.0) Severity Medium Classification CVE-2023-34626 CWE-138 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Tags Missing Update Known Vulnerabilities