CVE-2019-7731

Name of the Vulnerable Software and Affected Versions MyWebSQL version 3.7

Description The issue allows for remote code execution (RCE) after an attacker writes shell code into the database and executes the Backup Database function with a .php filename for the backup's archive file.

Recommendations For MyWebSQL version 3.7, avoid using the Backup Database function with .php filenames for the backup's archive file until a patch is available. As a temporary workaround, consider restricting access to the Backup Database function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.