Socialware Security Vulnerabilities and Issues — Socialware CVE List

Lucene search

IscriptsSocialware

3 matches found

CVE•added 2008/04/16 7:5 p.m.•32 views

CVE-2008-1859

SQL injection vulnerability in events.php in iScripts SocialWare allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action.

7.5CVSS8.3AI score0.00372EPSS

CVE•added 2008/04/15 5:5 p.m.•26 views

CVE-2008-1790

Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality. NOTE: remote exploitation is facilitated by a separate SQL injection vulnerability.

6.5CVSS7.2AI score0.00621EPSS

CVE•added 2008/04/14 4:5 p.m.•25 views

CVE-2008-1772

iScripts SocialWare stores passwords in cleartext in a database, which allows context-dependent attackers to obtain sensitive information.

5CVSS6.3AI score0.03467EPSS