Themes Vulnerabilities

CStar Design 2.0 - flashmoXML.php id Parameter SQL Injection

Description

The cstardesign WordPress theme was affected by a flashmoXML.php id Parameter SQL Injection security vulnerability.

Affects Themes

cstardesign
No known fix

References

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Verified
No
WPVDB ID
292b4b2d-a323-44b5-a5dd-35bf1236e0c3

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2020-07-18
Title
Email Subscribers & Newsletters < 4.5.1 - Authenticated SQL injection in es_newsletters_settings_callback()
Published
2021-10-05
Title
WP Bannerize 2.0.0 - 4.0.2 - Authenticated SQL Injection
Published
2009-09-28
Title
WP Forum < 2.4 - Multiple SQL Injection
Published
2021-06-16
Title
Filebird 4.7.3 - Unauthenticated SQL Injection
Published
2023-12-05
Title
Sayfa Sayaç <= 2.6 - Unauthenticated SQL Injection