Description
SQL injection vulnerability in zp-core/full-image.php in Zenphoto 1.3 and 1.3.1.2 allows remote attackers to execute arbitrary SQL commands via the a parameter. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
WordPress Plugin Word Balloon Cross-Site Scripting (4.19.2)
WordPress Plugin Simple File List Arbitrary File Upload (4.2.2)
Oracle Application Server Other Vulnerability (CVE-2005-3448)
MySQL CVE-2013-5770 Vulnerability (CVE-2013-5770)
WordPress Plugin Request Quote via Whatsapp for Woocommerce Cross-Site Scripting (1.0.1)