30 matches found
EUVD-2014-4654
Malware in sbrugna...
MyWebSQL Detection (HTTP)
Checks whether MyWebSQL is present on the target system and if so, tries to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU Gener...
MyWebSQL <= 3.8 Multiple Vulnerabilities
MyWebSQL is prone to multiple vulnerabilities. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation;...
MyWebSQL <= 3.6 Cross-Site Scripting (XSS) Vulnerability
MyWebSQL is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Remote code execution
MyWebSQL 3.7 has a remote code execution RCE vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file...
CVE-2019-7730
MyWebSQL 3.7 has a Cross-site request forgery CSRF vulnerability for deleting a database via the /?q=wrkfrm&type=databases URI...
CVE-2019-7731
MyWebSQL 3.7 has a remote code execution RCE vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file...
CVE-2019-7731
MyWebSQL 3.7 has a remote code execution RCE vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file...
CVE-2019-7730
MyWebSQL 3.7 has a Cross-site request forgery CSRF vulnerability for deleting a database via the /?q=wrkfrm&type=databases URI...
CVE-2019-7730
MyWebSQL 3.7 has a Cross-site request forgery CSRF vulnerability for deleting a database via the /?q=wrkfrm&type=databases URI...
CVE-2019-7731
MyWebSQL 3.7 has a remote code execution RCE vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file...
CVE-2019-7731
Concrete details found: CVE-2019-7731 affects MyWebSQL 3.7 with a remote code execution vulnerability. The root cause described across sources is that an attacker can write shell code into the database and trigger the Backup Database function using a .php filename for the archive, enabling RCE. C...
CVE-2019-7730
Summary: MyWebSQL 3.7 contains a CSRF vulnerability that allows deletion of databases via the URI "/?q=wrkfrm&type=databases". Affected product: MyWebSQL (version 3.7). Vulnerability details: Cross-site request forgery could enable an authenticated attacker to perform database deletion through th...
CVE-2019-7544
An issue was discovered in MyWebSQL 3.7. The Add User function of the User Manager pages has a Stored Cross-site Scripting XSS vulnerability in the User Name Field...
CVE-2019-7544
An issue was discovered in MyWebSQL 3.7. The Add User function of the User Manager pages has a Stored Cross-site Scripting XSS vulnerability in the User Name Field...
CVE-2019-7544
CVE-2019-7544 affects MyWebSQL 3.7. The vulnerability is a Stored Cross-site Scripting (XSS) in the Add User function of the User Manager pages, specifically in the User Name Field. The issue is documented across multiple sources (NVD, Red Hat, OpenVAS, CVE lists), confirming a stored XSS flaw ra...
CVE-2017-1000011
MyWebSQL version 3.6 is vulnerable to stored XSS in the database manager component resulting in account takeover or stealing of information...
CVE-2017-1000011
MyWebSQL version 3.6 is vulnerable to stored XSS in the database manager component resulting in account takeover or stealing of information...
Cross site scripting
MyWebSQL version 3.6 is vulnerable to stored XSS in the database manager component resulting in account takeover or stealing of information...
CVE-2017-1000011
MyWebSQL version 3.6 is vulnerable to stored XSS in the database manager component resulting in account takeover or stealing of information...