SQL injection vulnerability in Piwigo before 2.5.6, 2.6.x before 2.6.5, and 2.7.x before 2.7.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.Referenceshttp://piwigo.org/releases/2.6.5http://secunia.com/advisories/62606http://piwigo.org/releases/2.7.3http://piwigo.org/forum/viewtopic.php?id=25016http://www.securityfocus.com/bid/72400http://piwigo.org/releases/2.5.6
