9 results (0.006 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this issue. • https://github.com/wp-plugins/portfolio-gallery/commit/58ed88243e17df766036f4857041edaf358076d3 https://vuldb.com/?ctiid.230085 https://vuldb.com/?id.230085 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS Inyección SQL y XSS en el gestor Huge-IT Portfolio Gallery v1.1.0 • http://huge-it.com/joomla-portfolio-gallery http://www.securityfocus.com/bid/93821 http://www.vapidlabs.com/advisory.php?v=165 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS Inyección SQL y XSS en el gestor Huge-IT Portfolio Gallery v1.1.0 • http://huge-it.com/joomla-portfolio-gallery http://www.securityfocus.com/bid/93821 http://www.vapidlabs.com/advisory.php?v=165 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

XSS in huge IT gallery v1.1.5 for Joomla XSS en galería huge IT v1.1.5 para Joomla • http://extensions.joomla.org/extensions/extension/photos-a-images/galleries/gallery-pro http://www.securityfocus.com/bid/92102 http://www.vapidlabs.com/advisory.php?v=164 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2

Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6 Injection SQL no autenticada en Huge-IT Portfolio Gallery Plugin v1.0.6 Joomla Huge-IT Portfolio Gallery plugin version 1.0.6 suffers from a remote SQL injection vulnerability. • https://www.exploit-db.com/exploits/42597 http://huge-it.com/joomla-portfolio-gallery http://www.securityfocus.com/bid/93268 http://www.vapidlabs.com/advisory.php?v=170 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •