Description
Piwigo 13.6.0 is vulnerable to SQL Injection via in the "profile" function.
Remediation
References
Related Vulnerabilities
WordPress Plugin Knews Multilingual Newsletters 'ff' Parameter Cross-Site Scripting (1.1.0)
Oracle JRE CVE-2020-2655 Vulnerability (CVE-2020-2655)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1251)
Joomla Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2019-12765)