CVE-2015-5682 – Powerplay Gallery <= 3.3 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2015-5682
upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote attackers to create arbitrary directories via vectors related to the targetDir variable. El plugin Powerplay Gallery 3.3 para WordPress presenta una vulnerabilidad en el archivo Upload.php, que permite a atacantes remotos crear directorios arbitrarios a través de vectores relacionados con la variable targetDir. • http://www.openwall.com/lists/oss-security/2015/07/27/8 http://www.vapid.dhs.org/advisory.php?v=132 • CWE-264: Permissions, Privileges, and Access Controls CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2015-5599 – Powerplay Gallery <= 3.3 - SQL Injection
https://notcve.org/view.php?id=CVE-2015-5599
Multiple SQL injection vulnerabilities in upload.php in the Powerplay Gallery plugin 3.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) albumid or (2) name parameter. Vulnerabilidad de inyección SQL múltiple en upload.php en el plugin Powerplay Gallery 3.3 para WordPress, permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de un parámetro (1) albumid o (2) nombre. • http://packetstormsecurity.com/files/132671/WordPress-WP-PowerPlayGallery-3.3-File-Upload-SQL-Injection.html http://seclists.org/fulldisclosure/2015/Jul/64 http://www.openwall.com/lists/oss-security/2015/07/20/1 http://www.vapid.dhs.org/advisory.php?v=132 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •