Lucene search

Mywebsql Security Vulnerabilities

cve

CVE-2014-4735

Cross-site scripting (XSS) vulnerability in MyWebSQL 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the table parameter to index.php.

5.7AI Score

0.003EPSS

2014-09-12 02:55 PM

cve

CVE-2017-1000011

MyWebSQL version 3.6 is vulnerable to stored XSS in the database manager component resulting in account takeover or stealing of information

6.1CVSS

5.8AI Score

0.001EPSS

2017-07-17 01:18 PM

cve

CVE-2019-7544

An issue was discovered in MyWebSQL 3.7. The Add User function of the User Manager pages has a Stored Cross-site Scripting (XSS) vulnerability in the User Name Field.

5.4CVSS

5.9AI Score

0.001EPSS

2019-02-06 09:29 PM

cve

CVE-2019-7730

MyWebSQL 3.7 has a Cross-site request forgery (CSRF) vulnerability for deleting a database via the /?q=wrkfrm&type=databases URI.

5.7CVSS

6.6AI Score

0.001EPSS

2019-02-11 05:29 PM

cve

CVE-2019-7731

MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file.

9.8CVSS

9.7AI Score

0.021EPSS

2019-02-11 05:29 PM