4 matches found
CVE-2008-6419
Multiple SQL injection vulnerabilities in Social Site Generator SSG 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 sgcid parameter to displayblog.php, 2 scmmemid parameter to socialmyprofiledownload.php, and the 3 catid parameter to socialforumsubcategories.php...
CVE-2008-6420
The CVE-2008-6420 entry concerns Social Site Generator (SSG) 2.0. The vulnerability allows remote attackers to read arbitrary files via the file parameter to (1) filedload.php, (2) webadmin/download.php, and (3) webadmin/download_file.php. The impact is described as partial confidentiality leakag...
CVE-2008-6419
CVE-2008-6419 concerns multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 . The vulnerabilities allow remote attackers to send crafted input to vulnerable parameters in PHP scripts, enabling execution of arbitrary SQL commands: (1) sgc_id via display_blog.php, (2) scm_mem_i...
CVE-2008-6421
CVE-2008-6421: A PHP remote file inclusion vulnerability in Social Site Generator (SSG) 2.0, via the path parameter in social_game_play.php, allows a remote attacker to execute arbitrary PHP code. Affected software/component: Social Site Generator 2.0; vulnerability type: remote file inclusion. I...