PT-2019-7733 · Unknown · Zm-Gallery

Published: 2019-09-13 · Updated: 2019-09-13 · CVE-2016-10940

CVSS v3.1: 7.2 (High)

Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: zm-gallery plugin version 1.0

Description: The zm-gallery plugin is affected by SQL injection via the order parameter, which allows potential exploitation by injecting malicious SQL code.

Recommendations: For version 1.0, consider restricting access to the order parameter to minimize the risk of exploitation. As a temporary workaround, avoid using the order parameter in the affected plugin until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

SQL injection


Weakness Enumeration

Related Identifiers

CVE-2016-10940

Affected Products

Zm-Gallery