← back
CVE-2008-6419

CVE-2008-6419

EPSS 1.2%
Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) sgc_id parameter to display_blog.php, (2) scm_mem_id parameter to social_my_profile_download.php, and the (3) catid parameter to social_forum_subcategories.php.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/5701unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/45859http://osvdb.org/45860http://osvdb.org/45861http://secunia.com/advisories/30462https://exchange.xforce.ibmcloud.com/vulnerabilities/42777https://www.exploit-db.com/exploits/5701http://www.securityfocus.com/bid/29452