Unrated severityNVD Advisory· Published Jan 13, 2026· Updated Apr 7, 2026
VIAVIWEB Wallpaper Admin 1.0 SQL Injection via edit_gallery_image.php
CVE-2022-50894
Description
VIAVIWEB Wallpaper Admin 1.0 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the img_id parameter. Attackers can send GET requests to edit_gallery_image.php with malicious img_id values to extract database information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: 1.0
Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/51033mitreexploit
- www.vulncheck.com/advisories/viaviweb-wallpaper-admin-sql-injection-via-editgalleryimagephpmitrethird-party-advisory
- www.viaviweb.commitreproduct
News mentions
0No linked articles in our index yet.