3 matches found
CVE-2008-1859
CVE-2008-1859 is a confirmed SQL injection in iScripts SocialWare . The vulnerability resides in events.php and is exploitable via the id parameter in a show action, enabling remote attackers to execute arbitrary SQL commands. This is supported by multiple sources within the connected documents, ...
CVE-2008-1790
This CVE affects iScripts SocialWare . It describes an unrestricted file upload vulnerability where remote authenticated administrators can upload arbitrary files through a crafted logo file in the Manage Settings function. The exploit is noted to be facilitated by a separate SQL injection vulner...
CVE-2008-1772
The CVE-2008-1772 entry concerns iScripts SocialWare, where passwords are stored in cleartext in the database. This creates an information disclosure risk because an attacker who can access the database could retrieve user credentials. The provided sources (NVD/NIST, CVE records) confirm the unde...