Sqlite Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2008-6593 - Vulnerability Database

Sqlite Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2008-6593

High
Reference: CVE-2008-6593
Title: Sqlite Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.