CVE-2014-7153
CVE-2014-7153
SQL injection vulnerability in the editgallery function in admin/gallery_func.php in the Huge-IT Image Gallery plugin 1.0.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the removeslide parameter to wp-admin/admin.php.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencepacketstormsecurity.com/files/128118/WordPress-Huge-IT-Image-Gallery-1.0.0-SQL-Injection.htmlunverifiedexploitdbwww.exploit-db.com/exploits/34524unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →