2 results (0.005 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this issue. • https://github.com/wp-plugins/portfolio-gallery/commit/58ed88243e17df766036f4857041edaf358076d3 https://vuldb.com/?ctiid.230085 https://vuldb.com/?id.230085 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2

Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6 Injection SQL no autenticada en Huge-IT Portfolio Gallery Plugin v1.0.6 Joomla Huge-IT Portfolio Gallery plugin version 1.0.6 suffers from a remote SQL injection vulnerability. • https://www.exploit-db.com/exploits/42597 http://huge-it.com/joomla-portfolio-gallery http://www.securityfocus.com/bid/93268 http://www.vapidlabs.com/advisory.php?v=170 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •