Description
SQL injection exists in Piwigo before 11.4.0 via the language parameter to admin.php?page=languages.
Remediation
References
Related Vulnerabilities
WordPress Plugin BezahlCode-Generator 'gen_name' Parameter Cross-Site Scripting (1.0)
phpBB CVE-2008-4125 Vulnerability (CVE-2008-4125)
OpenSSL Cryptographic Issues Vulnerability (CVE-2010-0742)
OpenSSL Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2009-1378)
WordPress Plugin SocialFit 'msg' Parameter Cross-Site Scripting (1.2.2)