1 results (0.003 seconds)
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2009-2122 – Photoracer Plugin <= 1.0 - SQL Injection
https://notcve.org/view.php?id=CVE-2009-2122
SQL injection vulnerability in viewimg.php in the Paolo Palmonari Photoracer plugin 1.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. Vulnerabilidad de inyección SQL en viewimg.php en la extensión (plugin) Paolo Palmonari Photoracer v1.0 para WordPress permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro "id". • https://www.exploit-db.com/exploits/8961 http://secunia.com/advisories/35450 http://www.securityfocus.com/bid/35382 https://exchange.xforce.ibmcloud.com/vulnerabilities/51152 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •