CVE-2015-6522

SQL injection vulnerability in the WP Symposium plugin before 15.8 for WordPress allows remote attackers to execute arbitrary SQL commands…

mitre·CWE-89·Published 2015-08-19

CVSS

—

EPSS

0.74

KEV

Exploits

cve.orgen

184 chars

SQL injection vulnerability in the WP Symposium plugin before 15.8 for WordPress allows remote attackers to execute arbitrary SQL commands via the size parameter to get_album_item.php.

NVDen

184 chars

SQL injection vulnerability in the WP Symposium plugin before 15.8 for WordPress allows remote attackers to execute arbitrary SQL commands via the size parameter to get_album_item.php.

NVDes

216 chars

Vulnerabilidad de inyección SQL en el plugin WP Symposium en versiones anteriores a 15.8 para WordPress, permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro size a get_album_item.php.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P