Skip to content
Threat Feed

Tag

Cve-2026-27834

1 brief RSS
high advisory

Piwigo SQL Injection Vulnerability (CVE-2026-27834)

A SQL Injection vulnerability (CVE-2026-27834) exists in Piwigo versions prior to 16.3.0, allowing authenticated administrators to execute arbitrary SQL commands via the pwg.users.getList Web Service API method.

piwigo sql-injection cve-2026-27834
2r 1t 1c 1i