Description

SQL injection vulnerability in fim_rss.php in the fGallery 2.4.1 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the album parameter.

Remediation

References

CVE-2008-0491

Related Vulnerabilities

Drupal Other Vulnerability (CVE-2005-3973)

PHP Other Vulnerability (CVE-2007-4889)

WordPress Plugin Testimonials Widget Cross-Site Scripting (3.5.1)

WordPress Plugin YouSayToo auto-publishing 'submit' Parameter Cross-Site Scripting (1.0.1)

WordPress Plugin BeCustom Cross-Site Request Forgery (1.0.5.2)

Severity

High

Classification

CVE-2008-0491 CWE-138

Tags

Missing Update Known Vulnerabilities