cve/CVE-2015-5599.md at master

0xMarcio/cve

Fork 0

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

803 B

Raw Permalink Blame History

CVE-2015-5599

Description

Multiple SQL injection vulnerabilities in upload.php in the Powerplay Gallery plugin 3.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) albumid or (2) name parameter.

POC

Reference

http://packetstormsecurity.com/files/132671/WordPress-WP-PowerPlayGallery-3.3-File-Upload-SQL-Injection.html
http://seclists.org/fulldisclosure/2015/Jul/64

Github

https://github.com/20142995/nuclei-templates

803 B Raw Permalink Blame History

CVE-2015-5599

Description

POC

Reference

Github

803 B

Raw Permalink Blame History