Mywebsql
by Mywebsql
Source repositories
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-7731 | Cri | 0.64 | 9.8 | 0.04 | Feb 11, 2019 | MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file. | ||
| CVE-2017-1000011 | Med | 0.40 | 6.1 | 0.01 | Jul 17, 2017 | MyWebSQL version 3.6 is vulnerable to stored XSS in the database manager component resulting in account takeover or stealing of information | ||
| CVE-2019-7730 | Med | 0.37 | 5.7 | 0.00 | Feb 11, 2019 | MyWebSQL 3.7 has a Cross-site request forgery (CSRF) vulnerability for deleting a database via the /?q=wrkfrm&type=databases URI. | ||
| CVE-2019-7544 | Med | 0.35 | 5.4 | 0.01 | Feb 6, 2019 | An issue was discovered in MyWebSQL 3.7. The Add User function of the User Manager pages has a Stored Cross-site Scripting (XSS) vulnerability in the User Name Field. | ||
| CVE-2014-4735 | 0.00 | — | 0.02 | Sep 12, 2014 | Cross-site scripting (XSS) vulnerability in MyWebSQL 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the table parameter to index.php. |
- risk 0.64cvss 9.8epss 0.04
MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file.
- risk 0.40cvss 6.1epss 0.01
MyWebSQL version 3.6 is vulnerable to stored XSS in the database manager component resulting in account takeover or stealing of information
- risk 0.37cvss 5.7epss 0.00
MyWebSQL 3.7 has a Cross-site request forgery (CSRF) vulnerability for deleting a database via the /?q=wrkfrm&type=databases URI.
- risk 0.35cvss 5.4epss 0.01
An issue was discovered in MyWebSQL 3.7. The Add User function of the User Manager pages has a Stored Cross-site Scripting (XSS) vulnerability in the User Name Field.
- CVE-2014-4735Sep 12, 2014risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in MyWebSQL 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the table parameter to index.php.