Description
Zenphoto versions prior to 1.5.7 allows an attacker to conduct PHP code injection attacks by leading a user to upload a specially crafted .zip file.
Remediation
References
Related Vulnerabilities
WordPress Plugin Magic Fields 2 Unspecified Vulnerability (2.3.2.2)
WordPress Plugin WP Easy Poll Multiple Vulnerabilities (1.1.3)
MySQL CVE-2020-2573 Vulnerability (CVE-2020-2573)
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11588)
Internet Information Services Integer Overflow or Wraparound Vulnerability (CVE-2008-1446)