← Back

Social Engine

social_engine

Vendor: Social Engine • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2008-3298
1Social Engine
1Social Engine
Apr 23, 2026
Jul 25, 2008
N/A· v4
N/A· v3
6.0 MEDIUM· v2
SocialEngine (SE) before 2.83 grants certain write privileges for templates, which allows remote authenticated administrators to execute arbitrary PHP code.
CVE-2008-3297
1Social Engine
1Social Engine
Apr 23, 2026
Jul 25, 2008
N/A· v4
N/A· v3
7.5 HIGH· v2
Multiple SQL injection vulnerabilities in SocialEngine (SE) before 2.83 allow remote attackers to execute arbitrary SQL commands via (1) an se_user cookie to include/class_user.php or (2) an se_admin cookie to include/cl...Show more
Multiple SQL injection vulnerabilities in SocialEngine (SE) before 2.83 allow remote attackers to execute arbitrary SQL commands via (1) an se_user cookie to include/class_user.php or (2) an se_admin cookie to include/class_admin.php.Show less
CVE-2007-6581
1Social Engine
1Social Engine
Apr 23, 2026
Dec 28, 2007
N/A· v4
N/A· v3
6.4 MEDIUM· v2
Multiple directory traversal vulnerabilities in Social Engine 2.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the global_lang parameter to (1) header_album.php, (2) header_bl...Show more
Multiple directory traversal vulnerabilities in Social Engine 2.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the global_lang parameter to (1) header_album.php, (2) header_blog.php, or (3) header_group.php; or (4) admin_header_album.php, (5) admin_header_blog.php, or (6) admin_header_group.php in admin/.Show less