Description
SQL injection vulnerability in zp-core/zp-extensions/wordpress_import.php in Zenphoto before 1.4.5.4 allows remote authenticated administrators to execute arbitrary SQL commands via the tableprefix parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin ChikunCount Arbitrary File Upload (1.3)
ownCloud CVE-2013-0302 Vulnerability (CVE-2013-0302)
MySQL CVE-2020-14814 Vulnerability (CVE-2020-14814)
WordPress Plugin Click to Copy Grab Box Multiple Cross-Site Scripting Vulnerabilities (0.1.1)
Atlassian Jira Deserialization of Untrusted Data Vulnerability (CVE-2020-14172)