CVE-2010-3485

LightNEasy 3.2.1 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the userhandle cookie to LightNEasy.php, a different vector than CVE-2008-6593. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploits (1)

exploitdb WORKING POC

webappsphp

https://www.exploit-db.com/exploits/15060

View Code ZIP pw:eip

References (1)

[Vendor Advisory] http://secunia.com/advisories/41502

Scores

EPSS 0.0039

EPSS Percentile 60.0%

Details

CWE

CWE-89

Status published

Products (1)

lightneasy/lightneasy 3.2.1

Published Sep 22, 2010

Tracked Since Feb 18, 2026