vendor:
LineWeb
by:
7.5
CVSS
HIGH
Multiple local file-include vulnerabilities, SQL-injection vulnerability, Security-bypass vulnerability
CWE
Product Name: LineWeb
Affected Version From: 1.0.5
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
LineWeb Multiple Remote Vulnerabilities
An attacker can exploit these issues to execute arbitrary local files within the context of the webserver process, obtain sensitive information, compromise the affected application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Mitigation:
Update to a patched version of LineWeb.