4.9
CVSSv2

CVE-2019-7730

Published: 11/02/2019 Updated: 12/02/2019
CVSS v2 Base Score: 4.9 | Impact Score: 4.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.7 | Impact Score: 3.6 | Exploitability Score: 2.1
VMScore: 437
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:P

Vulnerability Summary

MyWebSQL 3.7 has a Cross-site request forgery (CSRF) vulnerability for deleting a database via the /?q=wrkfrm&type=databases URI.

Vulnerability Trend

Affected Products

Vendor Product Versions
MywebsqlMywebsql3.7

Github Repositories

CVEnotes The discovery of these vulnerability is to work with my colleagues CVE ID Product Attack Vector Reference CVE-2018-18950 KindEditor Directory Traversal [CVE][Description] CVE-2018-19340 Guriddo Form PHP Cross-Site Scripting (XSS) [CVE][Description] CVE-2018-19434 webERP SQL injection (Blind) [CVE][Description] CVE-2018-19435 webERP SQL injection (Blind) [

CVEnotes The discovery of these vulnerability is to work with my colleagues CVE ID Product Attack Vector Reference CVE-2018-18950 KindEditor Directory Traversal [CVE][Description] CVE-2018-19340 Guriddo Form PHP Cross-Site Scripting (XSS) [CVE][Description] CVE-2018-19434 webERP SQL injection (Blind) [CVE][Description] CVE-2018-19435 webERP SQL injection (Blind) [

Architecture These exploit of CVEs is together with my colleagues CVE ID Attack Vector Product Reference CVE-2019-7748 Broken Authentication DbNinja [1][2] CVE-2019-7747 Broken Authentication DbNinja [1][2] CVE-2019-7731 Remote Code Execution (RCE) MyWebSQL [1][2] CVE-2019-7730 Cross-site request forgery (CSRF) MyWebSQL [1][2] CVE-2019-7661 (Wait for Published)