CVE ID : CVE-2024-43018
Published : July 29, 2025, 8:15 p.m. | 3 hours, 12 minutes ago
Description : Piwigo 13.8.0 and below is vulnerable to SQL Injection in the parameters max_level and min_register. These parameters are used in ws_user_gerList function from file includews_functionspwg.users.php and this same function is called by ws.php file at some point can be used for searching users in advanced way in /admin.php?page=user_list.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Source: Read More
