6 matches found
Sql injection
The gigpress plugin before 2.3.11 for WordPress has SQL injection in the admin area, a different vulnerability than CVE-2015-4066...
CVE-2015-4066
Multiple SQL injection vulnerabilities in admin/handlers.php in the GigPress plugin before 2.3.9 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the 1 showartistid or 2 showvenueid parameter in an add action in the gigpress.php page to wp-admin/admin.php...
CVE-2015-4066
CVE-2015-4066 affects the WordPress GigPress plugin (prior to version 2.3.9). The vulnerability is an SQL injection in admin/handlers.php triggered by the show_artist_id/show_venue_id parameters in an add action within gigpress.php, allowing remote authenticated users to execute arbitrary SQL com...
WordPress Plugin GigPress 2.3.8 - SQL Injection
Title: SQLi vulnerabilities in WordPress plugin "GigPress" Author: Adrián M. F. - adrimf85atgmaildotcom Date: 2015-05-25 Vendor Homepage: https://wordpress.org/plugins/gigpress/ Active installs: 20,000+ Vulnerable version: 2.3.8 Fixed version: 2.3.9 CVE: CVE-2015-4066 Vulnerabilities 2...
WordPress GigPress 2.3.8 SQL Injection Vulnerability
WordPress GigPress plugin version 2.3.8 suffers from a remote SQL injection vulnerability. Title: SQLi vulnerabilities in WordPress plugin "GigPress" Author: Adrián M. F. - adrimf85atgmaildotcom Date: 2015-05-25 Vendor Homepage: https://wordpress.org/plugins/gigpress/ Active installs: 20,000+...
WordPress GigPress 2.3.8 SQL Injection
Title: SQLi vulnerabilities in WordPress plugin "GigPress" Author: Adrián M. F. - adrimf85atgmaildotcom Date: 2015-05-25 Vendor Homepage: https://wordpress.org/plugins/gigpress/ Active installs: 20,000+ Vulnerable version: 2.3.8 Fixed version: 2.3.9 CVE: CVE-2015-4066 Vulnerabilities 2...