7 matches found
WordPress Photo Gallery 1.5.34 Plugin - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Plugin Photo Gallery by 10Web Add new and in add galleries / Gallery groups. GET request going with parameter albumid is vulnerable to Time Based Blind SQL injection. Following is the POC, 1...
WordPress Photo Gallery 1.5.34 SQL Injection
Exploit Title: WordPress Plugin Photo Gallery by 10Web Add new and in add galleries / Gallery groups. GET request going with parameter albumid is vulnerable to Time Based Blind SQL injection. Following is the POC, 1...
WordPress Plugin Photo Gallery 1.5.34 - SQL Injection
WordPress Plugin Photo Gallery 1.5.34 - SQL Injection Exploit Title: WordPress Plugin Photo Gallery by 10Web Add new and in add galleries / Gallery groups. GET request going with parameter albumid is vulnerable to Time Based Blind SQL injection. Following is the POC, 1...
WordPress Plugin Photo Gallery 1.5.34 - SQL Injection
Exploit Title: WordPress Plugin Photo Gallery by 10Web Add new and in add galleries / Gallery groups. GET request going with parameter albumid is vulnerable to Time Based Blind SQL injection. Following is the POC, 1...
CVE-2019-16119
SQL injection in the photo-gallery 10Web Photo Gallery plugin before 1.5.35 for WordPress exists via the admin/controllers/Albumsgalleries.php albumid parameter...
CVE-2019-16119
The CVE concerns the WordPress Photo Gallery by 10Web plugin. A SQL injection vulnerability exists in versions prior to 1.5.35, exploitable via the album_id parameter in admin/controllers/Albumsgalleries.php, allowing potential unauthorized database access or modification. Public writeups rate th...
SQL Servers Time-based SQL Injection (CVE-2011-4710; CVE-2019-13978; CVE-2019-16065; CVE-2019-16119; CVE-2019-16383; CVE-2019-16692; CVE-2020-15468; CVE-2020-26518; CVE-2020-29284; CVE-2021-21915; CVE-2021-21916; CVE-2021-21917; CVE-2022-23337; CVE-2022-25149)
SQL injection techniques can allow remote attackers to execute SQL commands on SQL servers. Successful exploitation could allow attacker to disclose confidential information, modify or shut down the database or execute arbitrary code on affected servers...