CVE-2008-4754

SQL injection vulnerability in forum.php in Scripts for Sites (SFS) Ez Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.8 UNKNOWN
ADJACENT_NETWORK
LOW
AV:A/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 61%
VendorProductVersion
scripts-for-sitesez_forum
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/32397
http://securityreason.com/securityalert/4513
http://www.securityfocus.com/bid/31924
http://www.vupen.com/english/advisories/2008/2922
https://exchange.xforce.ibmcloud.com/vulnerabilities/46113
https://www.exploit-db.com/exploits/6843
http://secunia.com/advisories/32397
http://securityreason.com/securityalert/4513
http://www.securityfocus.com/bid/31924
http://www.vupen.com/english/advisories/2008/2922
https://exchange.xforce.ibmcloud.com/vulnerabilities/46113
https://www.exploit-db.com/exploits/6843