Description

SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.

Remediation

References

CVE-2008-6593

Related Vulnerabilities

WordPress Plugin Double Opt-In for Download SQL Injection (2.0.9)

Jenkins 7PK - Security Features Vulnerability (CVE-2014-9635)

Oracle Database Server CVE-2014-6547 Vulnerability (CVE-2014-6547)

WordPress Plugin Nginx Helper Cross-Site Scripting (1.8.9)

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-6113)

Severity

High

Classification

CVE-2008-6593 CWE-138

Tags

Missing Update Known Vulnerabilities