Описание
SQL injection vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote administrators to execute arbitrary SQL commands via the user parameter in the history page to admin.php.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| piwigo | removed | package | ||
| piwigo | end-of-life | squeeze | package |
Примечания
Request to mark the package as unsupported in #779104
EPSS
Связанные уязвимости
SQL injection vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote administrators to execute arbitrary SQL commands via the user parameter in the history page to admin.php.
SQL injection vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote administrators to execute arbitrary SQL commands via the user parameter in the history page to admin.php.
SQL injection vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote administrators to execute arbitrary SQL commands via the user parameter in the history page to admin.php.
EPSS