CVE-2008-6420

Published: Mar 6, 2009Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Social Site Generator (SSG) 2.0 allows remote attackers to read arbitrary files via the file parameter to (1) filedload.php, (2) webadmin/download.php, and (3) webadmin/download_file.php.

Affected (1)

Products: Socialsitegenerator: Social Site Generator

Socialsitegenerator

1 product

Social Site Generator

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Socialsitegenerator Social Site Generator	Version 2.0

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (14)

http://osvdb.org/45862

Source: cve@mitre.org

http://osvdb.org/45863

Source: cve@mitre.org

http://osvdb.org/45864

Source: cve@mitre.org

http://secunia.com/advisories/30462

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/34149

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/42781

Source: cve@mitre.org

https://www.exploit-db.com/exploits/5711

Source: cve@mitre.org

http://osvdb.org/45862