Huge IT Image Gallery 1.0.1 – SQL Injection | CVE 2014-7153

Affects Plugins

gallery-images

Fixed in 1.0.7

References

CVE

CVE-2014-7153

Exploitdb

34524

URL

https://packetstormsecurity.com/files/#128118/

Classification

Type

SQLI

OWASP top 10

A1: Injection

CWE

CWE-89

Miscellaneous

Submitter

pvdl

Verified

No

WPVDB ID

06d9f435-5be1-44b0-86a4-1aca888dc46e

Timeline

Publicly Published

2014-10-11 (about 11 years ago)

Added

2014-10-11 (about 11 years ago)

Last Updated

2019-10-21 (about 6 years ago)

Other

Published

Title

Published

2024-04-29

Title

School Management Pro <= 10.3.4 - Authenticated (School Admin+) SQL Injection

Published

2021-09-20

Title

MainWP Child Reports < 2.0.8 - Admin+ SQL Injection

Published

2025-02-21

Title

Doctor Appointment Booking <= 1.0.0 - Authenticated (Subscriber+) SQL Injection

Published

2025-04-25

Title

WP HRM LITE <= 1.1 - Unauthenticated SQL Injection

Published

2021-06-29

Title

Portfolio Responsive Gallery < 1.1.8 - Authenticated Blind SQL Injections