Lucene search
K

4 matches found

NVD
NVD
added 2009/03/06 6:30 p.m.11 views

CVE-2008-6419

Multiple SQL injection vulnerabilities in Social Site Generator SSG 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 sgcid parameter to displayblog.php, 2 scmmemid parameter to socialmyprofiledownload.php, and the 3 catid parameter to socialforumsubcategories.php...

7.5CVSS8.5AI score0.01235EPSS
Exploits0References7
CVE
CVE
added 2009/03/06 6:0 p.m.36 views

CVE-2008-6420

The CVE-2008-6420 entry concerns Social Site Generator (SSG) 2.0. The vulnerability allows remote attackers to read arbitrary files via the file parameter to (1) filedload.php, (2) webadmin/download.php, and (3) webadmin/download_file.php. The impact is described as partial confidentiality leakag...

5CVSS6.9AI score0.03559EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2009/03/06 6:0 p.m.49 views

CVE-2008-6419

CVE-2008-6419 concerns multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 . The vulnerabilities allow remote attackers to send crafted input to vulnerable parameters in PHP scripts, enabling execution of arbitrary SQL commands: (1) sgc_id via display_blog.php, (2) scm_mem_i...

7.5CVSS8.8AI score0.01235EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2009/03/06 6:0 p.m.41 views

CVE-2008-6421

CVE-2008-6421: A PHP remote file inclusion vulnerability in Social Site Generator (SSG) 2.0, via the path parameter in social_game_play.php, allows a remote attacker to execute arbitrary PHP code. Affected software/component: Social Site Generator 2.0; vulnerability type: remote file inclusion. I...

7.5CVSS7.8AI score0.029EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder