CVE-2017-20247
Deferred - Pending Action
SQL Injection in PICA Photo Gallery WordPress Plugin

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: VulnCheck

Description
WordPress Plugin PICA Photo Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid parameter. Attackers can send GET requests with crafted SQL payloads in the aid parameter to extract sensitive database information including user credentials and table contents.
Meta Information
Published: 2026-06-09
Last Modified: 2026-06-09
Generated: 2026-06-09
AI Q&A: 2026-06-09
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 2 associated CPEs
Vendor | Product | Version / Range
apptha | pica_photo_gallery | 1.0
pica_photo_gallery | pica_photo_gallery | 1.0
CWE ID: CWE-89
Description: The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Compliance Impact

The SQL injection vulnerability in the WordPress Plugin PICA Photo Gallery 1.0 allows attackers to extract sensitive database information, including user credentials and table contents.

Exposure of sensitive user data through this vulnerability could lead to non-compliance with data protection regulations such as GDPR and HIPAA, which require the protection of personal and sensitive information from unauthorized access.

Organizations using this plugin without mitigation may risk violating these standards due to potential data breaches resulting from exploitation of this vulnerability.

Executive Summary

The WordPress Plugin PICA Photo Gallery version 1.0 contains a SQL injection vulnerability. This flaw allows unauthenticated attackers to inject malicious SQL code through the 'aid' parameter in GET requests.

By exploiting this vulnerability, attackers can execute arbitrary SQL queries on the database, potentially extracting sensitive information such as user credentials and contents of various database tables.

Impact Analysis

This vulnerability can have serious impacts including unauthorized access to sensitive database information.

  • Attackers can extract user credentials, which may lead to account compromise.
  • Sensitive data stored in database tables can be exposed, leading to data breaches.
  • Since the vulnerability is exploitable without authentication, it increases the risk of remote attacks.

Detection Guidance

This vulnerability can be detected by monitoring HTTP GET requests to the WordPress site for suspicious or crafted SQL payloads in the 'aid' parameter.

A practical detection method is to use web server logs or network traffic analysis tools to search for requests containing the 'aid' parameter with SQL injection patterns.

For example, you can use the following commands to search Apache or Nginx access logs for requests that carry the 'aid' parameter:

  • grep -i 'aid=' /var/log/apache2/access.log
  • grep -i 'aid=' /var/log/nginx/access.log
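
The grep commands above match every request that contains 'aid=', including benign ones and unrelated parameters such as 'paid='. The following added example (not part of the original advisory or the plugin's code) narrows the search by percent-decoding the 'aid' value and flagging anything that is not a plain integer. It assumes combined-format access logs and that a legitimate 'aid' is a numeric ID, which the page does not state; the sample log lines, IP addresses and the /gallery/ path are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format log entry: "METHOD target HTTP/x".
# The target may contain raw spaces when a client sent an unencoded payload.
REQUEST_RE = re.compile(r'"(?:GET|HEAD|POST) (?P<target>[^"]+?) HTTP/[\d.]+"')
# Assumption: a legitimate aid value is a short decimal ID.
BENIGN_AID = re.compile(r"\d{1,10}")


def suspicious_aid_values(line):
    """Return decoded aid values in one log line that are not plain integers."""
    m = REQUEST_RE.search(line)
    if not m:
        return []
    query = urlsplit(m.group("target")).query
    # parse_qs percent-decodes and maps '+' to a space, so encoded input
    # (%27, %20, +) is checked in the form the application would see.
    values = parse_qs(query, keep_blank_values=True).get("aid", [])
    return [v for v in values if not BENIGN_AID.fullmatch(v)]


def scan(lines):
    """Yield (client_ip, decoded_value) for every suspicious aid value."""
    for line in lines:
        for value in suspicious_aid_values(line):
            yield line.split(" ", 1)[0], value


# Constructed sample entries (documentation IP ranges, placeholder path).
SAMPLE_LOG = [
    '198.51.100.7 - - [09/Jun/2026:10:00:01 +0000] "GET /gallery/?aid=3 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [09/Jun/2026:10:00:05 +0000] "GET /gallery/?aid=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 5120 "-" "curl/8.0"',
    '203.0.113.9 - - [09/Jun/2026:10:00:09 +0000] "GET /gallery/?aid=1+UNION+SELECT+user()--+ HTTP/1.1" 500 312 "-" "curl/8.0"',
    '198.51.100.7 - - [09/Jun/2026:10:00:12 +0000] "GET /gallery/?paid=yes&page=2 HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"{ip}\taid={value!r}")
```

To scan a real log, pass an open file handle to scan() in place of SAMPLE_LOG.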

Additionally, penetration testers can attempt to exploit the vulnerability by sending crafted GET requests with SQL payloads in the 'aid' parameter, such as:

  • curl "http://[target]/[PATH]/?aid=1' OR '1'='1"
  • curl "http://[target]/[PATH]/?aid=1 UNION SELECT user(), database(), version()-- "

These commands help verify if the application is vulnerable by checking for abnormal responses or database error messages.

Mitigation Strategies

Immediate mitigation steps include disabling or removing the vulnerable PICA Photo Gallery plugin version 1.0 from your WordPress installation.

If an update or patch is available from the plugin developer, apply it immediately to fix the SQL injection vulnerability.

As a temporary measure, you can implement web application firewall (WAF) rules to block or filter requests containing suspicious 'aid' parameter values that resemble SQL injection attempts.

Additionally, restrict access to the affected plugin's endpoints if possible, and monitor logs for any exploitation attempts.
