RSS   Podatności dla 'Powerplay gallery'   RSS

2015-08-18
 
CVE-2015-5681

 
 
Unrestricted file upload vulnerability in upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in *_uploadfolder/big/.

 
 
CVE-2015-5599

CWE-89
 
 
Multiple SQL injection vulnerabilities in upload.php in the Powerplay Gallery plugin 3.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) albumid or (2) name parameter.

 

 >>> Vendor: Wpslideshow 2 Produkty
Image news slider
Powerplay gallery

Copyright 2024, cxsecurity.com

 

Back to Top