1 results (0.014 seconds)
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 1
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 1CVE-2012-6653 – All Video Gallery <= 1.1 - SQL Injection
https://notcve.org/view.php?id=CVE-2012-6653
02 Nov 2012 — Unspecified vulnerability in the All Video Gallery (all-video-gallery) plugin before 1.2.0 for WordPress has unspecified impact and attack vectors. Vulnerabilidad no especificada en el plugin All Video Gallery (all-video-gallery) anterior a 1.2.0 para WordPress tiene un impacto y vectores de ataque no especificados. The All Video Gallery plugin for WordPress is vulnerable to blind SQL Injection via the ‘ vid’ and 'pid' parameters in versions up to, and including, 1.1 due to insufficient escaping on the user... • https://www.exploit-db.com/exploits/22427 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •