Description SQL Injection vulnerability in admin/group_list.php in piwigo v2.9.5, via the group parameter to delete. Remediation References CVE-2020-19212 Related Vulnerabilities Python Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-0391) WordPress Plugin Stylish Price List Security Bypass (6.9.0) WordPress Plugin Accessibility Suite by Online ADA SQL Injection (2.0.10) Drupal Core 6.x Multiple Security Bypass Vulnerabilities (6.0 - 6.4) MySQL CVE-2018-2839 Vulnerability (CVE-2018-2839) Severity Medium Classification CVE-2020-19212 CWE-138 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Tags Missing Update Known Vulnerabilities