Description SQL injection vulnerability in Zenphoto before 1.4.9 allow remote administrators to execute arbitrary SQL commands. Remediation References CVE-2015-5591 Related Vulnerabilities WordPress 4.2.x Cross-Domain Flash Injection Vulnerability (4.2 - 4.2.18) WordPress Plugin Child Theme Creator by Orbisius Arbitrary File Modification (1.2.6) Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39111) WordPress Plugin Donations Privilege Escalation (1.3) Beego Framework Incorrect Default Permissions Vulnerability (CVE-2019-16355) Severity High Classification CVE-2015-5591 CWE-138 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities