Sqlitemanager
Monthly
SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanager/main.php dbsel parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1.2.4 allow remote attackers to inject arbitrary web script or HTML via the dbsel parameter to (1) main.php or (2) index.php; or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 11.1%.
SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanager/main.php dbsel parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1.2.4 allow remote attackers to inject arbitrary web script or HTML via the dbsel parameter to (1) main.php or (2) index.php; or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 11.1%.