1 results (0.004 seconds)

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 4

SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly earlier, for WordPress allows remote attackers to execute arbitrary SQL commands via the postid parameter. Vulnerabilidad de inyección SQL en cplphoto.php en el plugin Copperleaf Photolog V0.16, y posiblemente anteriores, para WordPress, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro postid. • https://www.exploit-db.com/exploits/11458 http://osvdb.org/62346 http://packetstormsecurity.org/1002-exploits/wpcopperleaf-sql.txt http://secunia.com/advisories/38579 http://www.exploit-db.com/exploits/11458 http://www.securityfocus.com/bid/38239 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •