Description
SQL injection vulnerability in zp-core/full-image.php in Zenphoto 1.3 and 1.3.1.2 allows remote attackers to execute arbitrary SQL commands via the a parameter. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
WordPress Plugin Rate my Post-WP Rating System Cross-Site Scripting (3.3.8)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4553)
WordPress Plugin Gravity Forms SQL Injection (1.9.3.5)
Jenkins Incorrect Authorization Vulnerability (CVE-2021-21692 )
WordPress Plugin WP Helper Premium Cross-Site Scripting (4.2)