Vulnerabilities > Nimble3

DATE CVE VULNERABILITY TITLE RISK
2021-08-23 CVE-2021-24557 Unspecified vulnerability in Nimble3 M-Vslider 2.1.3
The update functionality in the rslider_page uses an rs_id POST parameter which is not validated, sanitised or escaped before being inserted in sql query, therefore leading to SQL injection for users having Administrator role.
network
low complexity
nimble3
7.2