5 matches found
CVE-2020-15364
The Nexos theme through 1.7 for WordPress allows top-map/?searchlocation= reflected XSS...
WordPress NexosReal Estate Theme 1.7 Cross Site Scripting / SQL Injection
Exploit Title: WordPress Theme NexosReal Estate 1.7 - 'searchorder' SQL Injection Google Dork: inurl:/wp-content/themes/nexos/ Date: 2020-06-17 Exploit Author: Vlad Vector Vendor: Sanljiljan https://themeforest.net/user/sanljiljan Software Version: 1.7 Software Link:...
WordPress NexosReal Estate 1.7 Theme - (search_order) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Theme NexosReal Estate 1.7 - 'searchorder' SQL Injection Google Dork: inurl:/wp-content/themes/nexos/ Exploit Author: Vlad Vector Vendor: Sanljiljan https://themeforest.net/user/sanljiljan Software Version: 1.7 Softwar...
WordPress Theme NexosReal Estate 1.7 - 'search_order' SQL Injection
Exploit Title: WordPress Theme NexosReal Estate 1.7 - 'searchorder' SQL Injection Google Dork: inurl:/wp-content/themes/nexos/ Date: 2020-06-17 Exploit Author: Vlad Vector Vendor: Sanljiljan https://themeforest.net/user/sanljiljan Software Version: 1.7 Software Link:...
CVE-2020-15364
The CVE-2020-15364 entry corresponds to the Nexos Real Estate WordPress Theme (up to v1.7). Connected sources confirm concrete details: vulnerable components are the frontend endpoints top-map/?search_location= (reflected XSS) and side-map/?search_order= (SQL Injection). Attacker could trigger un...