Количество 3
Количество 3
CVE-2024-43018
Piwigo 13.8.0 and below is vulnerable to SQL Injection in the parameters max_level and min_register. These parameters are used in ws_user_gerList function from file include\ws_functions\pwg.users.php and this same function is called by ws.php file at some point can be used for searching users in advanced way in /admin.php?page=user_list.
CVE-2024-43018
Piwigo 13.8.0 and below is vulnerable to SQL Injection in the paramete ...
GHSA-c4c3-h4wc-4hx3
Piwigo 13.8.0 and below is vulnerable to SQL Injection in the parameters max_level and min_register. These parameters are used in ws_user_gerList function from file include\ws_functions\pwg.users.php and this same function is called by ws.php file at some point can be used for searching users in advanced way in /admin.php?page=user_list.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-43018 Piwigo 13.8.0 and below is vulnerable to SQL Injection in the parameters max_level and min_register. These parameters are used in ws_user_gerList function from file include\ws_functions\pwg.users.php and this same function is called by ws.php file at some point can be used for searching users in advanced way in /admin.php?page=user_list. | CVSS3: 6.4 | 0% Низкий | 6 месяцев назад |
| CVE-2024-43018 Piwigo 13.8.0 and below is vulnerable to SQL Injection in the paramete ... | CVSS3: 6.4 | 0% Низкий | 6 месяцев назад |
| GHSA-c4c3-h4wc-4hx3 Piwigo 13.8.0 and below is vulnerable to SQL Injection in the parameters max_level and min_register. These parameters are used in ws_user_gerList function from file include\ws_functions\pwg.users.php and this same function is called by ws.php file at some point can be used for searching users in advanced way in /admin.php?page=user_list. | CVSS3: 6.4 | 0% Низкий | 6 месяцев назад |
Уязвимостей на страницу