VYPR

Powerplay Gallery

by Powerplay Gallery Project

CVEs (2)

  • CVE-2015-5682HigMay 23, 2017
    risk 0.49cvss 7.5epss 0.02

    upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote attackers to create arbitrary directories via vectors related to the targetDir variable.

  • CVE-2015-5599Aug 18, 2015
    risk 0.00cvss epss 0.03

    Multiple SQL injection vulnerabilities in upload.php in the Powerplay Gallery plugin 3.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) albumid or (2) name parameter.