Description SQL injection vulnerability in Zenphoto before 1.4.9 allow remote administrators to execute arbitrary SQL commands. Remediation References CVE-2015-5591 Related Vulnerabilities PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-2329) WordPress Plugin ActiveHelper LiveHelp Live Chat Multiple Cross-Site Scripting Vulnerabilities (3.1.0) WordPress Plugin Post Views Counter Cross-Site Scripting (1.3.4) WordPress Plugin Buzzwords Cross-Site Scripting (1.1.0) Drupal Other Vulnerability (CVE-2016-3164) Severity High Classification CVE-2015-5591 CWE-138 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities