SQLiteManager <= 1.2.0 XSS Vulnerability

SQLiteManager is prone to a cross-site scripting XSS vulnerability. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

CVE-2009-4539

Cross-site scripting XSS vulnerability in main.php in SQLiteManager 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in main.php in SQLiteManager 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...

CVE-2009-4539

SQLiteManager 1.2.0 is affected by a Cross-Site Scripting (XSS) vulnerability in main.php that allows an attacker to inject arbitrary script via the redirect parameter. The issue is a client-side/script injection risk arising from user-controlled redirect data; no exploit details are provided in ...

CVE-2009-4539

Cross-site scripting XSS vulnerability in main.php in SQLiteManager 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...

SQLiteManager Cross Site Scripting

SqLiteManager All Version Cross Site Scripting Found by : Hadi Kiamarsi Contact : [email protected] Download : http://downloads.sourceforge.net/project/sqlitemanager/sqlitemanager/1.2.0/SQLiteManager-1.2.0.zip?usemirror=heanet PoC : http://www.example.com/main.php?redirect=alert'Hadi Kiamars...

SQLiteManager 1.2 - main.php Cross-Site Scripting

SQLiteManager 1.2 - main.php Cross-Site Scripting source: https://www.securityfocus.com/bid/36002/info SQLiteManager is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

SQLiteManager 1.2 - &#039;main.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/36002/info SQLiteManager is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context...

XSS in SqLiteManager

SqLiteManager All Version Cross Site Scripting Found by : Hadi Kiamarsi Contact : [email protected] Download : http://downloads.sourceforge.net/project/sqlitemanager/sqlitemanager/1.2.0/SQLiteManager-1.2.0.zip?usemirror=heanet PoC : http://www.example.com/main.php?redirect=scriptalert'Hadi...

Remote file inclusion

PHP remote file inclusion vulnerability in spaw/dialogs/confirm.php in SQLiteManager 1.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2008-0516

PHP remote file inclusion vulnerability in spaw/dialogs/confirm.php in SQLiteManager 1.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2008-0516

CVE-2008-0516 affects SQLiteManager 1.2.0 via a PHP remote file inclusion in spaw/dialogs/confirm.php. The vulnerability stems from unsanitized input in the spaw_root parameter, enabling an attacker to include a remote URL and execute arbitrary PHP code on the server. Reported impact is remote co...

CVE-2008-0516

PHP remote file inclusion vulnerability in spaw/dialogs/confirm.php in SQLiteManager 1.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

SQLiteManager confirm.php spaw_root Parameter Remote File Inclusion

The remote host is running SQLiteManager, a web-based application for managing SQLite databases. The version of SQLiteManager installed on the remote host fails to sanitize user-supplied input to the 'spawroot' parameter of the 'spaw/dialogs/confirm.php' script before using it to include PHP code...

CVE-2007-1231

Multiple cross-site scripting XSS vulnerabilities in SQLiteManager 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 database name, 2 table name, 3 ViewName, 4 view, 5 trigger, and 6 function fields in main.php and certain other files...

CVE-2007-1232

Directory traversal vulnerability in SQLiteManager 1.2.0 allows remote attackers to read arbitrary files via a .. dot dot in a SQLiteManagercurrentTheme cookie...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SQLiteManager 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 database name, 2 table name, 3 ViewName, 4 view, 5 trigger, and 6 function fields in main.php and certain other files...

Directory traversal

Directory traversal vulnerability in SQLiteManager 1.2.0 allows remote attackers to read arbitrary files via a .. dot dot in a SQLiteManagercurrentTheme cookie...

DSquare Exploit Pack: D2SEC_SQLITEMANAGER

Name| d2secsqlitemanager ---|--- CVE| CVE-2007-1232 Exploit Pack| D2ExploitPack Description| SQLiteManager Local File Include Vulnerability Notes|...

CVE-2007-1232

Directory traversal vulnerability in SQLiteManager 1.2.0 allows remote attackers to read arbitrary files via a .. dot dot in a SQLiteManagercurrentTheme cookie...