CVE-2008-6593

Published: 4/3/2009 Last updated: 8/7/2024 Reserved: 4/3/2009

SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (4)

conf-mingw-w64-sqlite3-i686 conf-mingw-w64-sqlite3-x86_64 conf-sqlite3 lemonade-sqlite

Products affected (1)

Product	Vendor	Version
n/a	n/a	Smart Audio 400 Platform

References (12)

http://www.securityfocus.com/bid/28801
http://www.securityfocus.com/archive/1/491064/100/0/threaded
http://www.osvdb.org/44675
http://secunia.com/advisories/29833
https://www.exploit-db.com/exploits/5452
https://exchange.xforce.ibmcloud.com/vulnerabilities/42009
http://www.securityfocus.com/bid/28801
http://www.securityfocus.com/archive/1/491064/100/0/threaded
http://www.osvdb.org/44675
http://secunia.com/advisories/29833
https://www.exploit-db.com/exploits/5452
https://exchange.xforce.ibmcloud.com/vulnerabilities/42009