Themes Vulnerabilities

Toolbox 1.4 - flyer.php mls Parameter SQL Injection

Description

The toolbox WordPress theme was affected by a flyer.php mls Parameter SQL Injection security vulnerability.

Affects Themes

toolbox
No known fix

References

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Verified
No
WPVDB ID
6fd4fd54-7c8a-4682-8bc4-2d3131042039

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2024-04-25
Title
WooCommerce Amazon Affiliates < 14.0.31 - Unauthenticated SQL Injection
Published
2014-08-01
Title
RLSWordPressSearch - register.php agentid Parameter SQL Injection
Published
2025-10-08
Title
Community Events < 1.5.2 - Unauthenticated SQL Injection
Published
2025-09-05
Title
WP Full Stripe Free < 8.2.6 - Authenticated (Administrator+) SQL Injection
Published
2023-09-15
Title
Horizontal scrolling announcement <= 9.2 - Authenticated (subscriber+) Blind SQL Injection