Description

SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.

Remediation

References

CVE-2008-6593

Related Vulnerabilities

WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Scripting (3.1.2)

WordPress Plugin bbPress SQL Injection (2.5.14)

Oracle Application Server Other Vulnerability (CVE-2005-3449)

PHP NULL Pointer Dereference Vulnerability (CVE-2016-10162)

WordPress Plugin Migration, Backup, Staging-WPvivid SQL Injection (0.9.52)

Severity

High

Classification

CVE-2008-6593 CWE-138

Tags

Missing Update Known Vulnerabilities