Nimble3 CVE - OpenCVE

Filtered by vendor Nimble3 Subscriptions

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-24557	1 Nimble3	1 M-vslider	2024-08-03	7.2 High
The update functionality in the rslider_page uses an rs_id POST parameter which is not validated, sanitised or escaped before being inserted in sql query, therefore leading to SQL injection for users having Administrator role.

Page 1 of 1.