Socialsitegenerator Social Site Generator vulnerabilities
3 known vulnerabilities affecting socialsitegenerator/social_site_generator.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-6421P3HIGHCVSS 7.5PoCv2.02009-03-06
CVE-2008-6421 [HIGH] CWE-94 CVE-2008-6421: PHP remote file inclusion vulnerability in social_game_play.php in Social Site Generator (SSG) 2.0 a
PHP remote file inclusion vulnerability in social_game_play.php in Social Site Generator (SSG) 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
nvd
CVE-2008-6419P3HIGHCVSS 7.5PoCv2.02009-03-06
CVE-2008-6419 [HIGH] CWE-89 CVE-2008-6419: Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to
Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) sgc_id parameter to display_blog.php, (2) scm_mem_id parameter to social_my_profile_download.php, and the (3) catid parameter to social_forum_subcategories.php.
nvd
CVE-2008-6420P3MEDIUMCVSS 5.0PoCv2.02009-03-06
CVE-2008-6420 [MEDIUM] CWE-200 CVE-2008-6420: Social Site Generator (SSG) 2.0 allows remote attackers to read arbitrary files via the file paramet
Social Site Generator (SSG) 2.0 allows remote attackers to read arbitrary files via the file parameter to (1) filedload.php, (2) webadmin/download.php, and (3) webadmin/download_file.php.
nvd