CVE-2014-9115 | Piwigo up to 2.6.3 rate_picture rate sql injection (ID 30563 / EDB-35221)
A vulnerability, which was classified as critical, has been found in Piwigo. Affected by this issue is the function rate_picture. The manipulation of the argument rate leads to sql injection.
This vulnerability is handled as CVE-2014-9115. The attack may be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.