2 matches found
CVE-2008-5970
CVE-2008-5970 documents an SQL injection in profile_social.php of the i-Net Solution Orkut Clone, exploitable via the id parameter by remote authenticated users. The vulnerability stems from improper input handling, enabling arbitrary SQL execution and compromising confidentiality, integrity, and...
CVE-2008-5971
CVE-2008-5971 describes a cross-site scripting (XSS) vulnerability in the profile_social.php component of the i-Net Solution Orkut Clone. The issue allows remote authenticated users to inject arbitrary web script or HTML by manipulating the id parameter. The available references from NVD/PRION/CV...