2 matches found
Wordpress Video Gallery Plugin SQL Injection (CVE-2014-9097)
An SQL injection vulnerability has been reported in Wordpress Video Gallery Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2014-9097
CVE-2014-9097 involves multiple SQL injection vulnerabilities in the Apptha WordPress Video Gallery (contus-video-gallery) plugin 2.5. The issues allow (1) remote attackers to execute arbitrary SQL via vid in myextract action to wp-admin/admin-ajax.php, (2) remote authenticated users to run SQL v...