1 results (0.005 seconds)
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 2
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 2CVE-2017-14125 – Gallery – Image and Video Gallery with Thumbnails < 1.2.1 - SQL Injection
https://notcve.org/view.php?id=CVE-2017-14125
21 Sep 2017 — SQL injection vulnerability in the Responsive Image Gallery plugin before 1.2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the "id" parameter in an add_edit_theme task in the wpdevart_gallery_themes page to wp-admin/admin.php. Una vulnerabilidad de inyección SQL en el plugin Responsive Image Gallery en versiones anteriores a la 1.2.1 para WordPress permite que atacantes remotos ejecuten comandos SQL arbitrarios mediante el parámetro id en una tarea en la página add_edit_them... • https://packetstorm.news/files/id/144288 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •