CVE-2009-2892

Published: 20/08/2009 Updated: 14/02/2024
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple SQL injection vulnerabilities in header.php in Scripteen Free Image Hosting Script 2.3 allow remote malicious users to execute arbitrary SQL commands via a (1) cookid or (2) cookgid cookie.

Vulnerable Product

scripteen free image hosting script 2.3

Exploits

===================
Scripteen Free Image Hosting Script v2.3 SQL Injection vulnerable
===================

The vulnerable: header.php (line 53-62)

$userid=$_SESSION['userid'];
$usergid=$_SESSION['usergid'];
if (!$userid || empty($userid) || $userid==""){
    $userid = $_COOKIE['cookid'];
}
if (!$usergid || empty($usergid) || $usergid==""){
...
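
A hardened form of the session-to-cookie fallback excerpted above, as an added example that is not part of the advisory or of Scripteen's code. The query that consumes the value is not shown on this page, so a lookup by id is assumed; the `users` table, its columns, and the functions `id_from_request` and `find_user` are hypothetical, and the demo needs the `pdo_sqlite` extension.

```php
<?php
// Added example. Table, column and function names are hypothetical.

// Same fallback order as header.php (session first, then cookie), but the
// result is only ever returned as a validated positive integer.
function id_from_request(array $session, array $cookies, string $sessKey, string $cookieKey): ?int
{
    $raw = !empty($session[$sessKey]) ? $session[$sessKey] : ($cookies[$cookieKey] ?? null);
    if ($raw === null || $raw === '') {
        return null;
    }
    // Reject anything that is not a decimal integer >= 1 (arrays included);
    // malformed input is refused, not stripped or escaped into shape.
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Second layer: the id is bound as a typed parameter and never becomes
// part of the SQL text.
function find_user(PDO $db, int $userid): ?array
{
    $stmt = $db->prepare('SELECT id, name FROM users WHERE id = :id');
    $stmt->bindValue(':id', $userid, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed demo data in an in-memory SQLite database (runs offline).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users (id, name) VALUES (1, 'alice'), (2, 'bob')");

// Constructed cookie values: one well-formed, the rest malformed.
$samples = ['2', "2' OR '1'='1", '2 UNION SELECT 1,2', '', ['2']];
foreach ($samples as $cookid) {
    $id = id_from_request([], ['cookid' => $cookid], 'userid', 'cookid');
    $user = $id === null ? null : find_user($db, $id);
    printf("%-24s => %s\n", json_encode($cookid), $user ? $user['name'] : 'rejected');
}
```

The same `id_from_request` call with `'usergid'` and `'cookgid'` covers the second cookie named in the summary.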