CVE-2014-125101

A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this issue. The identifier of the patch is 58ed88243e17df766036f4857041edaf358076d3. It is recommended to upgrade the affected component. The identifier VDB-230085 was assigned to this vulnerability.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:huge-it:portfolio_gallery:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 02:03

Type Values Removed Values Added
References () https://github.com/wp-plugins/portfolio-gallery/commit/58ed88243e17df766036f4857041edaf358076d3 - Patch () https://github.com/wp-plugins/portfolio-gallery/commit/58ed88243e17df766036f4857041edaf358076d3 - Patch
References () https://vuldb.com/?ctiid.230085 - Permissions Required, Third Party Advisory () https://vuldb.com/?ctiid.230085 - Permissions Required, Third Party Advisory
References () https://vuldb.com/?id.230085 - Permissions Required, Third Party Advisory () https://vuldb.com/?id.230085 - Permissions Required, Third Party Advisory
CVSS v2 : 6.5
v3 : 9.8
v2 : 6.5
v3 : 6.3

20 Oct 2023, 08:15

Type Values Removed Values Added
Summary A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this issue. The name of the patch is 58ed88243e17df766036f4857041edaf358076d3. It is recommended to upgrade the affected component. The identifier VDB-230085 was assigned to this vulnerability. A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.9 is able to address this issue. The identifier of the patch is 58ed88243e17df766036f4857041edaf358076d3. It is recommended to upgrade the affected component. The identifier VDB-230085 was assigned to this vulnerability.

02 Jun 2023, 18:23

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
References (MISC) https://vuldb.com/?id.230085 - (MISC) https://vuldb.com/?id.230085 - Permissions Required
References (MISC) https://github.com/wp-plugins/portfolio-gallery/commit/58ed88243e17df766036f4857041edaf358076d3 - (MISC) https://github.com/wp-plugins/portfolio-gallery/commit/58ed88243e17df766036f4857041edaf358076d3 - Patch
References (MISC) https://vuldb.com/?ctiid.230085 - (MISC) https://vuldb.com/?ctiid.230085 - Permissions Required
CPE cpe:2.3:a:huge-it:portfolio_gallery:*:*:*:*:*:wordpress:*:*
First Time Huge-it
Huge-it portfolio Gallery

28 May 2023, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-05-28 13:15

Updated : 2024-11-21 02:03


NVD link : CVE-2014-125101

Mitre link : CVE-2014-125101

CVE.ORG link : CVE-2014-125101


JSON object : View

Products Affected

huge-it

  • portfolio_gallery
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')