1 matches found
Sql injection
The zm-gallery plugin 1.0 for WordPress has SQL injection via the order parameter...