Vulnerabilities > Sqlitemanager
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-21 | CVE-2019-9083 | SQL Injection vulnerability in Sqlitemanager 1.20/1.24 SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanager/main.php dbsel parameter. | 7.5 |
2012-09-23 | CVE-2012-5105 | Cross-Site Scripting vulnerability in Sqlitemanager 1.2.4 Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1.2.4 allow remote attackers to inject arbitrary web script or HTML via the dbsel parameter to (1) main.php or (2) index.php; or (3) nsextt parameter to index.php. | 4.3 |
2010-01-04 | CVE-2009-4539 | Cross-Site Scripting vulnerability in Sqlitemanager 1.2.0 Cross-site scripting (XSS) vulnerability in main.php in SQLiteManager 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter. | 4.3 |
2007-03-03 | CVE-2007-1231 | Cross-Site Scripting vulnerability in Sqlitemanager 1.2.0 Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) database name, (2) table name, (3) ViewName, (4) view, (5) trigger, and (6) function fields in main.php and certain other files. | 4.3 |