Exploitation Summary
EIP tracks 1 public exploit for CVE-2014-5201. PoCs published by Claudio Viviani.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in WordPress Gallery Objects plugin version 0.4. The PoC provides a URL-based payload to trigger a boolean-based blind SQL injection via the 'viewid' parameter.
Description
SQL injection vulnerability in the Gallery Objects plugin 0.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the viewid parameter in a go_view_object action to wp-admin/admin-ajax.php.
Exploits (1)
This exploit demonstrates a SQL injection vulnerability in WordPress Gallery Objects plugin version 0.4. The PoC provides a URL-based payload to trigger a boolean-based blind SQL injection via the 'viewid' parameter.