CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2015-5064 – MySQL Lite Administrator Beta 1 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2015-5064
22 Jun 2015 — Multiple cross-site scripting (XSS) vulnerabilities in MySql Lite Administrator (mysql-lite-administrator) beta-1 allow remote attackers to inject arbitrary web script or HTML via the table_name parameter to (1) tabella.php, (2) coloni.php, or (3) insert.php or (4) num_row parameter to coloni.php. Múltiples vulnerabilidades de XSS en MySql Lite Administrator (mysql-lite-administrator) beta-1 permiten a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través del parámetro table_name... • https://packetstorm.news/files/id/132420 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-1466
https://notcve.org/view.php?id=CVE-2014-1466
15 Jan 2014 — SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page. Vulnerabilidad de inyección de SQL en CSP MySQL User Manager 2.3 permite a atacantes remotos ejecutar comandos de SQL arbitrarios a través del campo de login de la página de inicio de sesión. • http://osvdb.org/101867 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •