2017-10-16 12:31:07 -04:00
{
2019-03-18 00:09:15 +00:00
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org" ,
"ID" : "CVE-2015-5599" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
} ,
"vendor_name" : "n/a"
}
]
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
2017-10-16 12:31:07 -04:00
{
2019-03-18 00:09:15 +00:00
"lang" : "eng" ,
"value" : "Multiple SQL injection vulnerabilities in upload.php in the Powerplay Gallery plugin 3.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) albumid or (2) name parameter."
2017-10-16 12:31:07 -04:00
}
2019-03-18 00:09:15 +00:00
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20150720 Re: Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3" ,
"refsource" : "MLIST" ,
"url" : "http://www.openwall.com/lists/oss-security/2015/07/20/1"
} ,
{
"name" : "http://www.vapid.dhs.org/advisory.php?v=132" ,
"refsource" : "MISC" ,
"url" : "http://www.vapid.dhs.org/advisory.php?v=132"
} ,
{
"name" : "20150713 Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3" ,
"refsource" : "FULLDISC" ,
"url" : "http://seclists.org/fulldisclosure/2015/Jul/64"
} ,
{
"name" : "http://packetstormsecurity.com/files/132671/WordPress-WP-PowerPlayGallery-3.3-File-Upload-SQL-Injection.html" ,
"refsource" : "MISC" ,
"url" : "http://packetstormsecurity.com/files/132671/WordPress-WP-PowerPlayGallery-3.3-File-Upload-SQL-Injection.html"
}
]
}
}
