Lucene search
K

7 matches found

0day.today
0day.today
added 2019/09/10 12:0 a.m.96 views

WordPress Photo Gallery 1.5.34 Plugin - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugin Photo Gallery by 10Web Add new and in add galleries / Gallery groups. GET request going with parameter albumid is vulnerable to Time Based Blind SQL injection. Following is the POC, 1...

7.5CVSS0.3AI score0.25438EPSS
Exploits4
Packet Storm
Packet Storm
added 2019/09/10 12:0 a.m.330 views

WordPress Photo Gallery 1.5.34 SQL Injection

Exploit Title: WordPress Plugin Photo Gallery by 10Web Add new and in add galleries / Gallery groups. GET request going with parameter albumid is vulnerable to Time Based Blind SQL injection. Following is the POC, 1...

7.5CVSS0.5AI score0.25438EPSS
Exploits4
exploitpack
exploitpack
added 2019/09/10 12:0 a.m.98 views

WordPress Plugin Photo Gallery 1.5.34 - SQL Injection

WordPress Plugin Photo Gallery 1.5.34 - SQL Injection Exploit Title: WordPress Plugin Photo Gallery by 10Web Add new and in add galleries / Gallery groups. GET request going with parameter albumid is vulnerable to Time Based Blind SQL injection. Following is the POC, 1...

7.5CVSS0.6AI score0.25438EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/09/10 12:0 a.m.320 views

WordPress Plugin Photo Gallery 1.5.34 - SQL Injection

Exploit Title: WordPress Plugin Photo Gallery by 10Web Add new and in add galleries / Gallery groups. GET request going with parameter albumid is vulnerable to Time Based Blind SQL injection. Following is the POC, 1...

9.8CVSS9.8AI score0.25438EPSS
Exploits4
NVD
NVD
added 2019/09/08 11:15 p.m.44 views

CVE-2019-16119

SQL injection in the photo-gallery 10Web Photo Gallery plugin before 1.5.35 for WordPress exists via the admin/controllers/Albumsgalleries.php albumid parameter...

9.8CVSS9.9AI score0.25438EPSS
Exploits4References4
CVE
CVE
added 2019/09/08 10:48 p.m.174 views

CVE-2019-16119

The CVE concerns the WordPress Photo Gallery by 10Web plugin. A SQL injection vulnerability exists in versions prior to 1.5.35, exploitable via the album_id parameter in admin/controllers/Albumsgalleries.php, allowing potential unauthorized database access or modification. Public writeups rate th...

9.8CVSS9.8AI score0.25438EPSS
Exploits4References4Affected Software1
Check Point Advisories
Check Point Advisories
added 2014/05/26 12:0 a.m.162 views

SQL Servers Time-based SQL Injection (CVE-2011-4710; CVE-2019-13978; CVE-2019-16065; CVE-2019-16119; CVE-2019-16383; CVE-2019-16692; CVE-2020-15468; CVE-2020-26518; CVE-2020-29284; CVE-2021-21915; CVE-2021-21916; CVE-2021-21917; CVE-2022-23337; CVE-2022-25149)

SQL injection techniques can allow remote attackers to execute SQL commands on SQL servers. Successful exploitation could allow attacker to disclose confidential information, modify or shut down the database or execute arbitrary code on affected servers...

9CVSS7.4AI score0.77956EPSS
Exploits33
Rows per page
Query Builder