Vulnerabilities > Socialsitegenerator
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-03-06 | CVE-2008-6421 | Code Injection vulnerability in Socialsitegenerator Social Site Generator 2.0 PHP remote file inclusion vulnerability in social_game_play.php in Social Site Generator (SSG) 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | 7.5 |
2009-03-06 | CVE-2008-6420 | Information Exposure vulnerability in Socialsitegenerator Social Site Generator 2.0 Social Site Generator (SSG) 2.0 allows remote attackers to read arbitrary files via the file parameter to (1) filedload.php, (2) webadmin/download.php, and (3) webadmin/download_file.php. | 5.0 |
2009-03-06 | CVE-2008-6419 | SQL Injection vulnerability in Socialsitegenerator Social Site Generator 2.0 Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) sgc_id parameter to display_blog.php, (2) scm_mem_id parameter to social_my_profile_download.php, and the (3) catid parameter to social_forum_subcategories.php. | 7.5 |