Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sqlite
(Sqlite)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 58 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2009-04-03 | CVE-2008-6593 | SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php. | Lightneasy, Sqlite | N/A | ||
| 2009-04-03 | CVE-2008-6592 | thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (aka flat) and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cache_dir parameter containing a %00 (encoded null byte). | Lightneasy, Sqlite | N/A | ||
| 2009-04-03 | CVE-2008-6590 | Multiple directory traversal vulnerabilities in LightNEasy "no database" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allow remote attackers to read arbitrary files via a .. (dot dot) in the page parameter to (1) index.php and (2) LightNEasy.php. | Lightneasy, Sqlite | N/A | ||
| 2009-04-03 | CVE-2008-6589 | Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy "no database" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allow remote attackers to inject arbitrary web script or HTML via the page parameter to (1) index.php and (2) LightNEasy.php. | Lightneasy, Sqlite | N/A |