SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and previous versions allows remote malicious users to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lightneasy lightneasy 1.2.2 |
||
sqlite sqlite 1.2.2 |