Lucene search
HistoryFeb 02, 2015 - 3:59 p.m.
CVE-2015-1393
cve-2015-1393
sql injection
wordpress
photo gallery plugin
vulnerability
nvd
security
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.1 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
44.2%
SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the asc_or_desc parameter in a create gallery request in the galleries_bwg page to wp-admin/admin.php.
Affected configurations
Node
10webphoto_galleryRange≤1.2.9wordpress
| CPE | Name | Operator | Version |
|---|---|---|---|
| 10web:photo_gallery | 10web photo gallery | le | 1.2.9 |
Related
prion
prion
Sql injection
2015-02-02 15:59:00
cvelist
cvelist
CVE-2015-1393
2015-02-02 15:00:00
packetstorm
packetstorm
WordPress Photo Gallery 1.2.8 SQL Injection
2015-01-29 00:00:00
wpvulndb
wpvulndb
Photo Gallery <= 1.2.8 - Blind SQL Injection
2015-01-28 00:00:00
patchstack
patchstack
WordPress Photo Gallery plugin <= 1.2.100 - SQL Injection
2015-01-27 00:00:00
securityvulns
securityvulns
nvd
nvd
CVE-2015-1393
2015-02-02 15:59:07
zdt
zdt
WordPress Photo Gallery 1.2.8 XSS / SQL Injection Vulnerabilities
2015-01-29 00:00:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.1 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
44.2%
Related for CVE-2015-1393