CVE-2021-40317: SQL Injection
First published: Thu May 26 2022(Updated: )
Piwigo 11.5.0 is affected by a SQL injection vulnerability via admin.php and the id parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Piwigo Piwigo | =11.5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-40317?
CVE-2021-40317 is a SQL injection vulnerability in Piwigo 11.5.0.
How does CVE-2021-40317 impact Piwigo?
CVE-2021-40317 allows attackers to perform SQL injection attacks via the admin.php script and the id parameter in Piwigo 11.5.0, potentially compromising the integrity and security of the database.
What is the severity of CVE-2021-40317?
CVE-2021-40317 has a severity rating of high (8.8).
How can I fix CVE-2021-40317?
To fix CVE-2021-40317, update Piwigo to a version that is not affected by the vulnerability or apply the official patch provided by the Piwigo project.
Where can I find more information about CVE-2021-40317?
You can find more information about CVE-2021-40317 on the official Piwigo GitHub repository: https://github.com/Piwigo/Piwigo/issues/1470
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/event
- agent/weakness
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/piwigo
- canonical/piwigo piwigo
- version/piwigo piwigo/11.5.0