1 results (0.002 seconds)
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1
CVE-2018-5374 – Dbox 3D Slider Lite <= 1.2.2 - SQL Injection
https://notcve.org/view.php?id=CVE-2018-5374
The Dbox 3D Slider Lite plugin through 1.2.2 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter). El plugin Dbox 3D Slider Lite hasta la versión 1.2.2 para WordPress tiene inyección SQL mediante settings\sliders.php (parámetro current_slider_id). • http://www.defensecode.com/advisories/DC-2017-01-003_WordPress_Dbox_3D_Slider_Lite_Plugin_Advisory.pdf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •