High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-01	CVE-2014-8945	OS Command Injection vulnerability in Piwigo Lexiglot 20141110 admin.php?page=projects in Lexiglot through 2014-11-20 allows command injection via username and password fields. piwigo CWE-78	7.5
2020-06-01	CVE-2014-8941	SQL Injection vulnerability in Piwigo Lexiglot 20141110 Lexiglot through 2014-11-20 allows SQL injection via an admin.php?page=users&from_id= or admin.php?page=history&limit= URI. piwigo CWE-89	7.5