Filtered by vendor Powerplay Gallery Project Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2015-5682 1 Powerplay Gallery Project 1 Powerplay Gallery 2024-11-21 N/A
upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote attackers to create arbitrary directories via vectors related to the targetDir variable.
CVE-2015-5599 1 Powerplay Gallery Project 1 Powerplay Gallery 2024-11-21 N/A
Multiple SQL injection vulnerabilities in upload.php in the Powerplay Gallery plugin 3.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) albumid or (2) name parameter.