CVE-2015-5599

Multiple SQL injection vulnerabilities in upload.php in the Powerplay Gallery plugin 3.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) albumid or (2) name parameter.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.vapid.dhs.org/advisory.php?v=132	Exploit Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/07/20/1	Exploit Mailing List Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2015/Jul/64	Exploit Mailing List Third Party Advisory
http://packetstormsecurity.com/files/132671/WordPress-WP-PowerPlayGallery-3.3-File-Upload-SQL-Injection.html	Exploit Third Party Advisory VDB Entry

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:powerplay_gallery_project:powerplay_gallery:3.3:*:*:*:*:wordpress:*:*

Information

Published : 2015-08-18 08:59

Updated : 2019-07-09 05:15

NVD link : CVE-2015-5599

Mitre link : CVE-2015-5599

JSON object : View

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

Products Affected

powerplay_gallery_project

powerplay_gallery

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.vapid.dhs.org/advisory.php?v=132", "name": "http://www.vapid.dhs.org/advisory.php?v=132", "tags": ["Exploit", "Third Party Advisory"], "refsource": "MISC"}, {"url": "http://www.openwall.com/lists/oss-security/2015/07/20/1", "name": "[oss-security] 20150720 Re: Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3", "tags": ["Exploit", "Mailing List", "Third Party Advisory", "VDB Entry"], "refsource": "MLIST"}, {"url": "http://seclists.org/fulldisclosure/2015/Jul/64", "name": "20150713 Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "refsource": "FULLDISC"}, {"url": "http://packetstormsecurity.com/files/132671/WordPress-WP-PowerPlayGallery-3.3-File-Upload-SQL-Injection.html", "name": "http://packetstormsecurity.com/files/132671/WordPress-WP-PowerPlayGallery-3.3-File-Upload-SQL-Injection.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in upload.php in the Powerplay Gallery plugin 3.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) albumid or (2) name parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-89"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-5599", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2015-08-18T15:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:powerplay_gallery_project:powerplay_gallery:3.3:*:*:*:*:wordpress:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2019-07-09T12:15Z"}