1 results (0.003 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

The Dbox 3D Slider Lite plugin through 1.2.2 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter). El plugin Dbox 3D Slider Lite hasta la versión 1.2.2 para WordPress tiene inyección SQL mediante settings\sliders.php (parámetro current_slider_id). • http://www.defensecode.com/advisories/DC-2017-01-003_WordPress_Dbox_3D_Slider_Lite_Plugin_Advisory.pdf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •