Vulnerabilities > Photocati Media
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-03-05 | CVE-2015-2216 | SQL Injection vulnerability in Photocati Media Photocrati 4.07 SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme 4.x for WordPress allows remote attackers to execute arbitrary SQL commands via the prod_id parameter. | 7.5 |
2015-01-13 | CVE-2014-100016 | Cross-site Scripting vulnerability in Photocati Media Photocrati Cross-site scripting (XSS) vulnerability in photocrati-gallery/ecomm-sizes.php in the Photocrati theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the prod_id parameter. | 4.3 |