Share:

CVE-2021-40313 - Piwigo Piwigo

December 6, 2021

Critical 8.8

Piwigo v11.5 was discovered to contain a SQL injection vulnerability via the parameter pwg_token in /admin/batch_manager_global.php.

Affected software

Piwigo Piwigo

Reference links

https://github.com/Piwigo/Piwigo/issues/1469

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.