Description
SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=group_perm.
Remediation
References
Related Vulnerabilities
WordPress Plugin Anti Spam Protection without CAPTCHA powered by Keypic Security Bypass (2.1.2)
WordPress Plugin Drag and Drop Multiple File Upload-Contact Form 7 Arbitrary File Upload (1.3.5.4)
Sqlite Use After Free Vulnerability (CVE-2020-13630)