Lucene search
Claudio VivianiPATCHSTACK:E99A011670731492AC4E9C5E6BA5F46DHistoryNov 26, 2014 - 12:00 a.m.
WordPress Apptha Video Gallery Plugin <= 2.5 - Multiple SQL Injection
2014-11-2600:00:00
Claudio Viviani
patchstack.com
6
0.002 Low
EPSS
Percentile
61.5%
Because of these vulnerabilities, the attackers can execute arbitrary SQL commands via the “videoId” parameter in a newvideo page to wp-admin/admin.php, “vid” parameter in a myextract action to wp-admin/admin-ajax.php or “playlistId” parameter in the newplaylist page.
Solution
Update the plugin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apptha video gallery | le | 2.5 |
Related
patchstack
patchstack
WordPress Video Gallery Plugin 2.5 - Multiple Vulnerabilities
2014-07-24 00:00:00
WordPress Video Gallery Plugin 2.7.0 - SQL Injection
2015-02-12 00:00:00
WordPress Video Gallery Plugin 2.5 - Multiple Vulnerabilities
2014-07-24 00:00:00
cve
cve
CVE-2014-9097
2022-10-03 16:20:41
checkpoint_advisories
checkpoint_advisories
Wordpress Video Gallery Plugin SQL Injection (CVE-2014-9097)
2015-02-12 00:00:00
nvd
nvd
CVE-2014-9097
2014-11-26 15:59:13
prion
prion
Sql injection
2014-11-26 15:59:00
zdt
zdt
Wordpress Video Gallery 2.7.0 SQL Injection Vulnerability
2015-02-12 00:00:00
cvelist
cvelist
CVE-2014-9097
2022-10-03 16:20:41
wpvulndb
wpvulndb
Contus Video Gallery 2.3.1.0.1 - SQL Injection
2014-09-23 14:06:12