Produkt Phpliteadmin (...) - CVEMAP.ORG

Podatności dla 'Phpliteadmin'

2015-08-18

CVE-2015-6518

CWE-79

Multiple cross-site scripting (XSS) vulnerabilities in phpLiteAdmin 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO, (2) droptable parameter, or (3) table parameter to phpliteadmin.php.

CVE-2015-6517

CWE-352

Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1.1 allows remote attackers to hijack the authentication of users for requests that drop database tables via the droptable parameter to phpliteadmin.php.

Copyright 2024, cxsecurity.com