Vulnerabilities > Scripteen > Free Image Hosting Script > 1.2.1

DATE CVE VULNERABILITY TITLE RISK
2008-07-18 CVE-2008-3212 SQL Injection vulnerability in Scripteen Free Image Hosting Script 1.2.1
Multiple SQL injection vulnerabilities in Scripteen Free Image Hosting Script 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/login.php, or the (3) uname or (4) pass parameter to login.php.
network
low complexity
scripteen CWE-89
7.5
7.5
2008-07-18 CVE-2008-3211 Improper Authentication vulnerability in Scripteen Free Image Hosting Script 1.2/1.2.1
Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote attackers to bypass authentication and gain administrative access by setting the cookid cookie value to 1.
network
low complexity
scripteen CWE-287
7.5
7.5