Description

SQL injection vulnerability in fim_rss.php in the fGallery 2.4.1 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the album parameter.

Remediation

References

CVE-2008-0491

Related Vulnerabilities

MediaWiki Resource Management Errors Vulnerability (CVE-2015-6733)

WordPress Plugin Conduit Banner 'banner-index-field-id' Parameter Cross-Site Scripting (0.2)

WordPress Plugin Ultimate Membership Pro SQL Injection (3.3)

WordPress Plugin WP-Live Chat by 3CX Arbitrary File Upload (8.0.31)

Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-0126)

Severity

High

Classification

CVE-2008-0491 CWE-138

Tags

Missing Update Known Vulnerabilities