70 matches found
PT-2022-12910 · Unknown +2 · Phpliteadmin +2
Name of the Vulnerable Software and Affected Versions: phpLiteAdmin versions prior to 1.9.8.2 Description: The issue allows for XSS attacks via the newRows parameter, also known as num or number, in the index.php file. Recommendations: For versions prior to 1.9.8.2, avoid using the newRows...
phpLiteAdmin Cross-Site Scripting Vulnerability
phpLiteAdmin is a web-based SQLite database management tool. phpLiteAdmin versions prior to 1.9.8.2 are vulnerable to cross-site scripting. The vulnerability stems from a newRows parameter in index.php that lacks a data validation filter for user-supplied data and output. An attacker could use th...
phpLiteAdmin Design Vulnerability
phpLiteAdmin is a web-based, open-source SQLite database management tool implemented in PHP and developed by Dane Iracleous. A security vulnerability exists in phpLiteAdmin versions 1.9.5 through 1.9.7.1, which stems from a failure of the program to perform an accurate...
phpLiteAdmin 1.9.7.1 Authorization Bypass Vulnerability
Exploit for php platform in category web applications I found a small issue in PHPLiteAdmin. It's an authorization bypass which works since version 1.9.5 from 2014 current is 1.9.7.1 because PLA uses '==' instead of '===' for the password comparison in 'attemptGrant' of the 'Authorization' class...
UBUNTU-CVE-2018-10362
An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...
DEBIAN-CVE-2018-10362
An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...
CVE-2018-10362
An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...
Default credentials
An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation like...
CVE-2018-10362
CVE-2018-10362 affects phpLiteAdmin 1.9.5–1.9.7.1. The issue stems from a loose comparison (==) in classes/Authorization.php for the user-provided login password, allowing login with a simpler password when the input resembles a number in scientific notation (e.g., 2e2 or 0e1234). PHP then interp...
PT-2018-9847 · Phpliteadmin · Phpliteadmin
Name of the Vulnerable Software and Affected Versions: phpLiteAdmin versions 1.9.5 through 1.9.7.1 Description: An issue was discovered due to loose comparison with '==' instead of '===' in the Authorization.php class for user-provided login passwords. This allows an attacker to login with a...
Authorization Bypass
phpLiteAdmin is vulnerable to Authorization Bypasses. The application uses the == comparator when validating passwords, allowing a malicious user to bypass the validation by passing in a numerical password in scientific notation e.g. 0e1...
phpLiteAdmin Authentication Bypass Vulnerability
phpLiteAdmin is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
phpLiteAdmin PHP Code Injection Vulnerability
phpLiteAdmin is prone to a PHP code injection vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
phpLiteAdmin < 1.9.7 Multiple Vulnerabilities
phpLiteAdmin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
phpLiteAdmin 1.9.6 Cross Site Request Forgery / Cross Site Scripting
Exploit Title: phpLiteAdmin v1.9.6 - Multiple Vulnerabilities Date: 20.04.2016 Exploit Author: Ozer Goker Vendor Homepage: https://www.phpliteadmin.org Software Link: https://bitbucket.org/phpliteadmin/public/downloads/phpLiteAdminv1-9-6.zip Version: 1.9.6 Introduction phpLiteAdmin is a web-based...
phpLiteAdmin 1.9.6 - Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: phpLiteAdmin v1.9.6 - Multiple Vulnerabilities Date: 20.04.2016 Exploit Author: Ozer Goker Vendor Homepage: https://www.phpliteadmin.org Software Link: https://bitbucket.org/phpliteadmin/public/downloads/phpLiteAdminv1-9-6.zip...