Description SQL injection vulnerability in Zenphoto before 1.4.9 allow remote administrators to execute arbitrary SQL commands. Remediation References CVE-2015-5591 Related Vulnerabilities PHP Out-of-bounds Read Vulnerability (CVE-2017-16642) WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5490) WordPress Plugin Slider Hero with Animation, Video Background Cross-Site Scripting (8.4.3) WordPress Plugin WP Scrippets Cross-Site Scripting (1.5.1) WebLogic CVE-2021-2394 Vulnerability (CVE-2021-2394) Severity High Classification CVE-2015-5591 CWE-138 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities