EUVD-2021-0249

Malware in sbrugna...

Cross-Site Request Forgery in sqlite-web

This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable an attacker to trick a user into performing these actions unknowingly through a Cross Site Reques...

GHSA-2J58-PWWV-X666 Cross-Site Request Forgery in sqlite-web

This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable an attacker to trick a user into performing these actions unknowingly through a Cross Site Reques...

CVE-2021-23404

This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable an attacker to trick a user into performing these actions unknowingly through a Cross Site Reques...

CVE-2021-23404

This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable an attacker to trick a user into performing these actions unknowingly through a Cross Site Reques...

PYSEC-2021-332

This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable an attacker to trick a user into performing these actions unknowingly through a Cross Site Reques...

PYSEC-2021-332

This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable an attacker to trick a user into performing these actions unknowingly through a Cross Site Reques...

CVE-2021-23404

CVE-2021-23404 affects all versions of sqlite-web. The vulnerability is a Cross-Site Request Forgery (CSRF) in the SQL dashboard area that can cause sensitive actions to be performed without confirming the request origin. The issue is documented across multiple sources (NVD, GHSA, OSV, Snyk) with...

CVE-2021-23404

This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable an attacker to trick a user into performing these actions unknowingly through a Cross Site Reques...

Sqlite 跨站请求伪造漏洞

Sqlite is a lightweight database that is ACID compliant relational database management system. A security vulnerability exists in sqlite sqlite-web that allows sensitive operations to be performed without verifying that the request is from the application...

db-systray (>=0.1.0 <=0.1.2), dbm-systray (>=0.1.3 <=0.2.0) +6 more potentially affected by CVE-2021-23404 via sqlite-web (>=0.6.8 <=0.7.2)

sqlite-web PYPI version =0.6.8, =0.1.0, =0.1.3, =0.0.2, =0.0.2, =0.0.1, =0.2.1, =0.1.8, =0.2.6 Source cves: CVE-2021-23404 Source advisory: SNYK:PYTHON-SQLITEWEB-1316324...

Cross-site Request Forgery (CSRF)

Overview sqlite-web is a Web-based SQLite database browser. Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable a...