Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2020-19217 - Vulnerability Database
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2020-19217
High
Reference:
CVE-2020-19217
Title:
Piwigo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:
SQL Injection vulnerability in admin/batch_manager.php in piwigo v2.9.5 via the filter_category parameter to admin.phppagebatch_manager.