CVE-2019-16119
SQL injection in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via the admin/controllers/Albumsgalleries.php album_id parameter.
We have discovered 15,718 live websites that are affected by CVE-2019-16119.
Affected Software
| Product |  Photo Gallery by 10Web |
| Category | Wordpress Plugins |
| Vulnerable Domains | 15,718 live websites (14.97% of Photo Gallery by 10Web install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 240 versions ( 39.02% of all versions) |
Details
- Published - Sep 9, 2019
- Updated - Aug 5, 2024
CVE References
CVE-2019-16119 usage by Country
 United States | 3,815 websites |
 Germany | 1,740 websites |
 Russia | 983 websites |
 Poland | 930 websites |
 France | 914 websites |
 GB | 558 websites |
 Italy | 483 websites |
 Japan | 399 websites |
 Netherlands | 372 websites |
 Hungary | 344 websites |
CVE-2019-16119 usage by TLD
| .com | 5,557 websites |
| .de | 902 websites |
| .ru | 817 websites |
| .pl | 731 websites |
| .org | 729 websites |
| .it | 377 websites |
| .co.uk | 367 websites |
| .net | 346 websites |
| .fr | 321 websites |
| .nl | 313 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2019-16119
Top websites that are affected by CVE-2019-16119. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *********.kz |  Kazakhstan | **,*** | |
| ************.ru | Russia | **,*** | |
| ***********.org | United States | **,*** | |
| ****************.org | United States | **,*** | |
| *********.net | Italy | ***,*** | |
| ****.org | United States | ***,*** | |
| **********************.**.za | United States | ***,*** | |
| ***********.com | United States | ***,*** | |
| **********.com | United States | ***,*** | |
| ********.com | United States | ***,*** |
FAQ
A total of 15,718 websites have been identified as vulnerable to CVE-2019-16119, discovered through global website indexing conducted by WebTechSurvey.
Photo Gallery by 10Web is susceptible to CVE-2019-16119 vulnerability.
Photo Gallery by 10Web versions before 1.5.35 are vulnerable to CVE-2019-16119.
Version 1.5.35 of Photo Gallery by 10Web addresses the CVE-2019-16119 security vulnerability.
References
- https://wordpress.org/plugins/photo-gallery/#developers
- https://plugins.trac.wordpress.org/changeset/2150912/photo-gallery/trunk/admin/controllers/Albumsgalleries.php?old=1845136&old_path=photo-gallery%2Ftrunk%2Fadmin%2Fcontrollers%2FAlbumsgalleries.php
- https://wpvulndb.com/vulnerabilities/9872
- http://packetstormsecurity.com/files/154432/WordPress-Photo-Gallery-1.5.34-SQL-Injection.html