Description

SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.

Remediation

References

CVE-2008-6593

Related Vulnerabilities

Python Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-3426)

WordPress Plugin WP Customer Reviews Cross-Site Scripting (3.5.5)

MySQL CVE-2019-2752 Vulnerability (CVE-2019-2752)

Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-15562)

WordPress Plugin Invit0r 'ofc_upload_image.php' Arbitrary File Upload (0.22)

Severity

High

Classification

CVE-2008-6593 CWE-138

Tags

Missing Update Known Vulnerabilities