Cool Video Gallery <= 1.9 - Authenticated Comm& Injection

Sign up to our free email alerts service for instant vulnerability notifications!

Affects

Plugin cool-video-gallery
fixed in version 2.0

References

CVE 2015-7527
URL http://www.vapidlabs.com/advisory.php?v=158
URL http://www.openwall.com/lists/oss-security/2015/12/02/9
URL https://wordpress.org/support/topic/command-injection-vulnerability-in-v19
URL http://seclists.org/bugtraq/2015/Dec/27
URL https://plugins.trac.wordpress.org/changeset/1368619/cool-video-gallery

Classification

Type RCE
OWASP Top 10 A1: Injection
CWE CWE-94

Miscellaneous

Submitter ethicalhack3r
Submitter Website https://dewhurstsecurity.com/
Submitter Twitter ethicalhack3r
Views 237
Verified No
WPVDB ID 8348

Timeline

Publicly Published 2015-12-02 (about 1 year ago)
Added 2015-12-04 (about 1 year ago)
Last Updated 2016-04-01 (8 months ago)

Copyright & License

Copyright All data and resources contained within this page and this web site is Copyright © The WPScan Team.
License Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.