Aggregates CVE and security vulnerability intelligence across all mywebsql-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk csrf and vendor risk file inclusion and related problems; some flaws may lead to vendor impact session compromise, affecting vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2019-7731 | MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file. | [email protected] | 9.8 | 2.81% | 2019-02-11 | 2024-11-21 |
| CVE-2019-7730 | MyWebSQL 3.7 has a Cross-site request forgery (CSRF) vulnerability for deleting a database via the /?q=wrkfrm&type=databases URI. | [email protected] | 5.7 | 0.05% | 2019-02-11 | 2024-11-21 |
| CVE-2019-7544 | An issue was discovered in MyWebSQL 3.7. The Add User function of the User Manager pages has a Stored Cross-site Scripting (XSS) vulnerability in the User Name Field. | [email protected] | 5.4 | 0.21% | 2019-02-06 | 2024-11-21 |
| CVE-2017-1000011 | MyWebSQL version 3.6 is vulnerable to stored XSS in the database manager component resulting in account takeover or stealing of information | [email protected] | 6.1 | 0.21% | 2017-07-17 | 2026-05-13 |
| CVE-2014-4735 | Cross-site scripting (XSS) vulnerability in MyWebSQL 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the table parameter to index.php. | [email protected] | 4.3 | 0.38% | 2014-09-12 | 2026-05-06 |