Vulnerability Details CVE-2008-6593
SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/29833
- http://www.osvdb.org/44675
- http://www.securityfocus.com/archive/1/491064/100/0/threaded
- http://www.securityfocus.com/bid/28801
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42009
- https://www.exploit-db.com/exploits/5452
- http://secunia.com/advisories/29833
- http://www.osvdb.org/44675
- http://www.securityfocus.com/archive/1/491064/100/0/threaded
- http://www.securityfocus.com/bid/28801
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42009
- https://www.exploit-db.com/exploits/5452
Products affected by CVE-2008-6593
-
cpe:2.3:a:lightneasy:lightneasy:1.2.2
-
cpe:2.3:a:sqlite:sqlite:1.2.2