Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) database name, (2) table name, (3) ViewName, (4) view, (5) trigger, and (6) function fields in main.php and certain other files.
References
Configurations
History
21 Nov 2024, 00:27
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/34634 - | |
References | () http://securityreason.com/securityalert/2366 - | |
References | () http://www.securityfocus.com/archive/1/461304/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/22731 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/32692 - |
Information
Published : 2007-03-03 19:19
Updated : 2024-11-21 00:27
NVD link : CVE-2007-1231
Mitre link : CVE-2007-1231
CVE.ORG link : CVE-2007-1231
JSON object : View
Products Affected
sqlitemanager
- sqlitemanager
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')