Lucene search
MitreCVE-2008-6419HistoryMar 06, 2009 - 6:30 p.m.
CVE-2008-6419
2009-03-0618:30:00
CWE-89
mitre
web.nvd.nist.gov
25
cve-2008-6419
sql injection
social site generator
ssg 2.0
remote attack
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.004
Percentile
73.6%
Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) sgc_id parameter to display_blog.php, (2) scm_mem_id parameter to social_my_profile_download.php, and the (3) catid parameter to social_forum_subcategories.php.
Affected configurations
Node
socialsitegeneratorsocial_site_generatorMatch2.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| socialsitegenerator | social_site_generator | 2.0 | cpe:2.3:a:socialsitegenerator:social_site_generator:2.0:*:*:*:*:*:*:* |
Related
prion
prion
Sql injection
2009-03-06 18:30:00
cvelist
cvelist
CVE-2008-6419
2009-03-06 18:00:00
nvd
nvd
CVE-2008-6419
2009-03-06 18:30:00
exploitdb
exploitdb
Social Site Generator 2.0 - 'sgc_id' SQL Injection
2008-05-31 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.004
Percentile
73.6%
Related for CVE-2008-6419