CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-3212

Multiple SQL injection vulnerabilities in Scripteen Free Image Hosting Script 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/login.php, or the (3) uname or (4) pass parameter to login.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.4%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/31083
http://www.securityfocus.com/bid/30216
https://exchange.xforce.ibmcloud.com/vulnerabilities/43772
http://secunia.com/advisories/31083
http://www.securityfocus.com/bid/30216
https://exchange.xforce.ibmcloud.com/vulnerabilities/43772

Products affected by CVE-2008-3212

Scripteen » Free Image Hosting Script » Version: 1.2.1

cpe:2.3:a:scripteen:free_image_hosting_script:1.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-3212

Products

Pricing

Contact Us