RSS   Vulnerabilities for 'Free image hosting script'   RSS

2010-08-25
 
CVE-2009-4987

CWE-287
 

 
admin/header.php in Scripteen Free Image Hosting Script 2.3 allows remote attackers to bypass authentication and gain administrative access by setting the cookgid cookie value to 1, a different vector than CVE-2008-3211.

 
2009-08-20
 
CVE-2009-2892

 

 
Multiple SQL injection vulnerabilities in header.php in Scripteen Free Image Hosting Script 2.3 allow remote attackers to execute arbitrary SQL commands via a (1) cookid or (2) cookgid cookie.

 
2008-07-18
 
CVE-2008-3212

CWE-89
 

 
Multiple SQL injection vulnerabilities in Scripteen Free Image Hosting Script 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/login.php, or the (3) uname or (4) pass parameter to login.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

 
 
CVE-2008-3211

CWE-287
 

 
Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote attackers to bypass authentication and gain administrative access by setting the cookid cookie value to 1.

 


Copyright 2024, cxsecurity.com

 

Back to Top