Vulnerabilities > Nimble3

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-23	CVE-2021-24557	SQL Injection vulnerability in Nimble3 M-Vslider 2.1.3 The update functionality in the rslider_page uses an rs_id POST parameter which is not validated, sanitised or escaped before being inserted in sql query, therefore leading to SQL injection for users having Administrator role. network low complexity nimble3 CWE-89	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.

Vulnerabilities > Nimble3 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Nimble3"}]}

Vulnerabilities > Nimble3