Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2014-7153
HistorySep 22, 2014 - 2:55 p.m.

CVE-2014-7153

2014-09-2214:55:02
CWE-89
[email protected]
web.nvd.nist.gov
4

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

8

Confidence

Low

EPSS

0.001

Percentile

48.0%

JSON

SQL injection vulnerability in the editgallery function in admin/gallery_func.php in the Huge-IT Image Gallery plugin 1.0.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the removeslide parameter to wp-admin/admin.php.

Affected configurations

Nvd
Node
huge-itimage_galleryMatch1.0.1wordpress
VendorProductVersionCPE
huge-itimage_gallery1.0.1cpe:2.3:a:huge-it:image_gallery:1.0.1:*:*:*:*:wordpress:*:*

Related

patchstack 1
wpvulndb 1
cve 1
cvelist 1
prion 1
exploitdb 1
patchstack
patchstack
WordPress Huge IT Image Gallery Plugin 1.0.1 - Authenticated SQL Injection
2014-09-02 00:00:00
wpvulndb
wpvulndb
Huge IT Image Gallery 1.0.1 - SQL Injection
2014-10-11 19:57:37
cve
cve
CVE-2014-7153
2014-09-22 14:55:02
cvelist
cvelist
CVE-2014-7153
2014-09-22 14:00:00
prion
prion
Sql injection
2014-09-22 14:55:00
exploitdb
exploitdb
WordPress Plugin Huge-IT Image Gallery 1.0.1 - (Authenticated) SQL Injection
2014-09-02 00:00:00

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

8

Confidence

Low

EPSS

0.001

Percentile

48.0%

JSON
Related for NVD:CVE-2014-7153
patchstack1wpvulndb1cve1cvelist1prion1exploitdb1