SQL Injection Vulnerability in Zenphoto Affecting Remote Administrators
CVE-2013-7242

Currently unrated

Key Information:

Vendor

Zenphoto

Status
Zenphoto
Vendor
CVE Published:
31 December 2013

What is CVE-2013-7242?

An SQL injection vulnerability exists in Zenphoto's wordpress_import.php file, specifically impacting versions prior to 1.4.5.4. This flaw enables remote authenticated administrators to inject and execute arbitrary SQL commands through manipulation of the tableprefix parameter. Such vulnerabilities can lead to unauthorized access and potential data breaches, underscoring the importance of keeping software up to date and implementing robust security measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://openwall.com/lists/oss-security/2013/12/30/10
mailing-listx_refsource_MLIST
http://seclists.org/bugtraq/2013/Oct/20
mailing-listx_refsource_BUGTRAQ
http://openwall.com/lists/oss-security/2013/12/29/1
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.