Description

SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.

Remediation

References

CVE-2008-6593

Related Vulnerabilities

WordPress Plugin Broken Link Checker Unspecified Vulnerability (1.10.7)

WordPress Plugin Slideshow Pro 'upload.php' Arbitrary File Upload (2.1)

Drupal Core 8.9.x Multiple Security Bypass Vulnerabilities (8.9.0 - 8.9.18)

WordPress Plugin ResAds Multiple Cross-Site Scripting Vulnerabilities (1.0.1)

PHP Other Vulnerability (CVE-2003-0861)

Severity

High

Classification

CVE-2008-6593 CWE-138

Tags

Missing Update Known Vulnerabilities