Socialware

socialware

Vendor: Iscripts • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2008-1859 1Iscripts 1Socialware Apr 23, 2026 Apr 16, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in events.php in iScripts SocialWare allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action.
CVE-2008-1790 1Iscripts 1Socialware Apr 23, 2026 Apr 15, 2008 N/A· v4 N/A· v3 6.5 MEDIUM· v2 Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality. NOTE: remote exploitatio...Show more Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality. NOTE: remote exploitation is facilitated by a separate SQL injection vulnerability.Show less
CVE-2008-1772 1Iscripts 1Socialware Apr 23, 2026 Apr 14, 2008 N/A· v4 N/A· v3 5.0 MEDIUM· v2 iScripts SocialWare stores passwords in cleartext in a database, which allows context-dependent attackers to obtain sensitive information.