SQLite Forum

Possible vulnerabilities from December 2019
Login
No he allows people to upload .SQLite databases of their choosing (or creation), and runs a (known to an attacker) select only query on them. Eg: An attacker knows he will be running SELECT ABC, DEF, YXZ FROM TABLE on their upload then he'll do some short python magic with the results of the select query. Knowing this, is he safe from exploitation?