Full title: Wordpress Video Gallery 2.7.0 SQL Injection Vulnerability 
Category: web applications
Platform: php
Photo Gallery Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the photo-gallery\photo-gallery.php script allows access to filemanager\UploadHandler.php. The post() method in UploadHandler.php

# 0day.today @ http://0day.today/