Description
SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin Double Opt-In for Download SQL Injection (2.0.9)
Jenkins 7PK - Security Features Vulnerability (CVE-2014-9635)
Oracle Database Server CVE-2014-6547 Vulnerability (CVE-2014-6547)
WordPress Plugin Nginx Helper Cross-Site Scripting (1.8.9)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-6113)