EUVD-2021-11310

Malware in sbrugna...

EUVD-2018-17146

Malware in sbrugna...

CVE-2021-24398

The Add new scene functionality in the Responsive 3D Slider WordPress plugin through 1.2 uses an id parameter which is not sanitised, escaped or validated before being inserted to a SQL statement, leading to SQL injection. This is a time based SQLI and in the same function vulnerable parameter is...

Sql injection

The Add new scene functionality in the Responsive 3D Slider WordPress plugin through 1.2 uses an id parameter which is not sanitised, escaped or validated before being inserted to a SQL statement, leading to SQL injection. This is a time based SQLI and in the same function vulnerable parameter is...

WordPress SQL注入漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the Responsive 3D Slider WordPress plugin 1.2 and prior...

Responsive 3D Slider <= 1.2 - Authenticated SQL Injection

The Add new scene functionality in the plugin uses an id parameter which is not sanitised, escaped or validated before being inserted to a SQL statement, leading to SQL injection. This is a time based SQLI and in the same function vulnerable parameter is passed twice so if we pass time as 5 secon...

WordPress Responsive 3D Slider plugin <= 1.2 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability discovered by Syed Sheeraz Ali in WordPress Responsive 3D Slider plugin versions = 1.2. Solution This plugin has been closed as of May 13, 2021 and is not available for download. Reason: Security Issue...

CVE-2018-5374

The Dbox 3D Slider Lite plugin through 1.2.2 for WordPress has SQL Injection via settings\sliders.php currentsliderid parameter...

Sql injection

The Dbox 3D Slider Lite plugin through 1.2.2 for WordPress has SQL Injection via settings\sliders.php currentsliderid parameter...

CVE-2018-5374

CVE-2018-5374 affects WordPress Dbox 3D Slider Lite plugin (

WordPress Dbox 3D Slider Lite plugin <=1.2.2 - Multiple Authenticated SQL injection vulnerabilities

Multiple Authenticated SQL injection vulnerabilities found by DefenseCode in WordPress Dbox 3D Slider Lite plugin versions =1.2.2. Solution 1/11/2018 - we were unable to find a patched version of this plugin. Latest version released two years ago...

WordPress Dbox 3D Slider Lite 1.2.2 SQL Injection

DefenseCode ThunderScan SAST Advisory: WordPress Dbox 3D Slider Lite Multiple SQL injection Security Vulnerabilities Advisory ID: DC-2017-01-003 Advisory Title: WordPress Dbox 3D Slider Lite Plugin Multiple SQL injection Security Vulnerabilities Advisory URL:...

Dbox 3D Slider Lite <= 1.2.2 - Multiple Authenticated SQL injection

During the security analysis, ThunderScan discovered SQL injection vulnerabilities in Dbox 3D Slider Lite WordPress plugin. The easiest way to reproduce the vulnerabilities is to modify the POST request for the slider rename or reorder and append parts of the SQL query to the currentsliderid...