Vulnerabilities (CVE)

Filtered by vendor Mywebsql Subscribe
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-7731 1 Mywebsql 1 Mywebsql 2024-11-21 7.5 HIGH 9.8 CRITICAL
MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file.
CVE-2019-7730 1 Mywebsql 1 Mywebsql 2024-11-21 4.9 MEDIUM 5.7 MEDIUM
MyWebSQL 3.7 has a Cross-site request forgery (CSRF) vulnerability for deleting a database via the /?q=wrkfrm&type=databases URI.
CVE-2019-7544 1 Mywebsql 1 Mywebsql 2024-11-21 3.5 LOW 5.4 MEDIUM
An issue was discovered in MyWebSQL 3.7. The Add User function of the User Manager pages has a Stored Cross-site Scripting (XSS) vulnerability in the User Name Field.
CVE-2017-1000011 1 Mywebsql 1 Mywebsql 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
MyWebSQL version 3.6 is vulnerable to stored XSS in the database manager component resulting in account takeover or stealing of information
CVE-2014-4735 1 Mywebsql 1 Mywebsql 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in MyWebSQL 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the table parameter to index.php.