1. Home
  2. CVEs with refmap.fulldisc==20140429 Arbitrary code execution by admins in File Gallery 1.7.7 (WordPress plugin)
Max CVSS 6.5 Min CVSS 6.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2014-2558 6.5
The File Gallery plugin before 1.7.9.2 for WordPress does not properly escape strings, which allows remote administrators to execute arbitrary PHP code via a \' (backslash quote) in the setting fields to /wp-admin/options-media.php, related to the cr
07-05-2014 - 13:23 06-05-2014 - 14:55
Back to Top Mark selected
Back to Top