sqlitemanager 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには vendor risk cross-site scripting and vendor risk sql injection があり、vendor surface data storage and vendor surface data access の利用場面で vendor impact session compromise and vendor impact data exposure などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2019-9083 | SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanager/main.php dbsel parameter. NOTE: This product is discontinued. | [email protected] | 9.8 | 17.60% | 2019-03-21 | 2026-06-16 |
| CVE-2012-5105 | Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1.2.4 allow remote attackers to inject arbitrary web script or HTML via the dbsel parameter to (1) main.php or (2) index.php; or (3) nsextt parameter to index.php. | [email protected] | 4.3 | 5.10% | 2012-09-23 | 2026-06-16 |
| CVE-2009-4539 | Cross-site scripting (XSS) vulnerability in main.php in SQLiteManager 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter. | [email protected] | 4.3 | 1.71% | 2010-01-04 | 2026-06-16 |
| CVE-2007-1231 | Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) database name, (2) table name, (3) ViewName, (4) view, (5) trigger, and (6) function fields in main.php and certain other files. | [email protected] | 4.3 | 1.54% | 2007-03-03 | 2026-06-16 |