vendor:
Simple Photo Gallery
by:
woodspeed
7.5
CVSS
HIGH
Blind SQL Injection
89
CWE
Product Name: Simple Photo Gallery
Affected Version From: 1.7.2008
Affected Version To: 1.7.2008
Patch Exists: YES
Related CWE: N/A
CPE: a:wordpress:simple_photo_gallery:1.7.8
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Apache 2.2.22, PHP 5.3.10
2015
Wordpess Simple Photo Gallery Blind SQL Injection
Unauthenticated Blind SQL Injection via gallery_id field.
Mitigation:
Fixed in version 1.8.0