CVE-2008-4754

EUVD-2008-4734
SQL injection vulnerability in forum.php in Scripts for Sites (SFS) Ez Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.8 UNKNOWN
ADJACENT_NETWORK
LOW
AV:A/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
Affected Products (NVD)
VendorProductVersion
scripts-for-sitesez_forum
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/32397
http://securityreason.com/securityalert/4513
http://www.securityfocus.com/bid/31924
http://www.vupen.com/english/advisories/2008/2922
https://exchange.xforce.ibmcloud.com/vulnerabilities/46113
https://www.exploit-db.com/exploits/6843
http://secunia.com/advisories/32397
http://securityreason.com/securityalert/4513
http://www.securityfocus.com/bid/31924
http://www.vupen.com/english/advisories/2008/2922
https://exchange.xforce.ibmcloud.com/vulnerabilities/46113
https://www.exploit-db.com/exploits/6843