📦

web_hosting_directory_script

Vendor: softbiz

Actively Exploited 0 CISA KEV List

PoC / Exploits 2 Code Available

Total RCEs 0 Remote Access

Total CVEs 4 Total Indexed

Avg. EPSS 1.12% Exploit Prob.

Latest CVE CVE-2008-2087 May 06

Security Vulnerability Index

Page 1 / 1

6.8 CVSS

CVE-2008-2087

Exploit Found

SQL injection vulnerability in search_result.php in Softbiz Web Host Directory Script, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the host_id parameter, a different vector than CVE-2005-3817.

EPSS: 1.20%

Severity: MEDIUM

May 06, 2008

7.5 CVSS

CVE-2005-3817

Exploit Found

Multiple SQL injection vulnerabilities in Softbiz Web Host Directory Script 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter in search_result.php, (2) sbres_id parameter in review.php, (3) cid parameter in browsecats.php, (4) h_id parameter in email.php, and (5) an unspecified parameter to the search module.

EPSS: 1.03%

Severity: HIGH

Nov 26, 2005

Displaying 2 of 4 Total Entries

Total 1 Sections