Vulnerabilities > Dbninja > Dbninja
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-11 | CVE-2019-7748 | Cross-site Scripting vulnerability in Dbninja 3.2.7 _includes\online.php in DbNinja 3.2.7 allows XSS via the data.php task parameter if _users/admin/tasks.php exists. | 4.3 |
| 2019-02-11 | CVE-2019-7747 | Session Fixation vulnerability in Dbninja 3.2.7 DbNinja 3.2.7 allows session fixation via the data.php sessid parameter. | 6.8 |
| 2019-02-06 | CVE-2019-7545 | Cross-site Scripting vulnerability in Dbninja In DbNinja 3.2.7, the Add Host function of the Manage Hosts pages has a Stored Cross-site Scripting (XSS) vulnerability in the User Name field. | 3.5 |