CVE-2021-40313: SQL Injection
First published: Mon Dec 06 2021(Updated: )
Piwigo v11.5 was discovered to contain a SQL injection vulnerability via the parameter pwg_token in /admin/batch_manager_global.php.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Piwigo Piwigo | =11.5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for Piwigo v11.5?
The vulnerability ID for Piwigo v11.5 is CVE-2021-40313.
What is the severity level of CVE-2021-40313?
The severity level of CVE-2021-40313 is high.
How does CVE-2021-40313 affect Piwigo?
CVE-2021-40313 affects Piwigo v11.5.
What is the exploit type of CVE-2021-40313?
CVE-2021-40313 is a SQL injection vulnerability.
How can I fix CVE-2021-40313 in Piwigo v11.5?
To fix CVE-2021-40313 in Piwigo v11.5, apply the official patch or upgrade to a newer version that addresses the vulnerability.
- collector/nvd-index
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/tags
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- vendor/piwigo
- canonical/piwigo piwigo
- version/piwigo piwigo/11.5.0