Vulnerabilities > Social Engine > Social Engine > 1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-07-25 | CVE-2008-3298 | Code Injection vulnerability in Social Engine Social Engine SocialEngine (SE) before 2.83 grants certain write privileges for templates, which allows remote authenticated administrators to execute arbitrary PHP code. | 6.0 |
2008-07-25 | CVE-2008-3297 | SQL Injection vulnerability in Social Engine Social Engine Multiple SQL injection vulnerabilities in SocialEngine (SE) before 2.83 allow remote attackers to execute arbitrary SQL commands via (1) an se_user cookie to include/class_user.php or (2) an se_admin cookie to include/class_admin.php. | 7.5 |