CVE-2008-6776

2009-05-0117:00:00

mitre

www.cve.org

8.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

43.6%

JSON

SQL injection vulnerability in viewcomments.php in Scripts For Sites (SFS) EZ Hot or Not allows remote attackers to execute arbitrary SQL commands via the phid parameter.

References

osvdb.org/49540

secunia.com/advisories/32532

exchange.xforce.ibmcloud.com/vulnerabilities/46278

www.exploit-db.com/exploits/6914