Rodnt

**Name of the Vulnerable Software and Affected Versions** Piwigo versions prior to 13.5.0 **Description** A SQL injection issue allows a remote attacker to execute arbitrary code via the `filter user id` parameter to the "admin.php?page=history&filter image id=&filter user id" endpoint. **Recommendations** For versions prior to 13.5.0, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the "admin.php?page=history&filter image id=&filter user id" endpoint until a patch is available. Avoid using the `filter user id` parameter in the affected endpoint until the issue is resolved.