CVE-2008-6776

N/A Unknown

Published: May 01, 2009 Modified: April 23, 2026

Description

SQL injection vulnerability in viewcomments.php in Scripts For Sites (SFS) EZ Hot or Not allows remote attackers to execute arbitrary SQL commands via the phid parameter.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://osvdb.org/49540

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/32532

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/46278

Source: cve@mitre.org

https://www.exploit-db.com/exploits/6914

Source: cve@mitre.org

http://osvdb.org/49540

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://secunia.com/advisories/32532

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/46278

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/6914

Source: af854a3a-2127-422b-91ae-364da2661108

8 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

0.3%

57th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-89

Affected Vendors

scripts-for-sites

Related CVEs