RSS   Vulnerabilities for 'Powerplay gallery'   RSS

2015-08-18
 
CVE-2015-5681

 

 
Unrestricted file upload vulnerability in upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in *_uploadfolder/big/.

 
 
CVE-2015-5599

CWE-89
 

 
Multiple SQL injection vulnerabilities in upload.php in the Powerplay Gallery plugin 3.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) albumid or (2) name parameter.

 

 >>> Vendor: Wpslideshow 2 Products
Image news slider
Powerplay gallery


Copyright 2024, cxsecurity.com

 

Back to Top