cpe:/a:scripteen:free_image_hosting_script:1.2.1 CVE-2008-3212 2008-07-18T11:13:00.000-04:00 2017-08-07T21:31:40.730-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-07-18T14:21:00.000-04:00 BID 30216 SECUNIA 31083 XF fihs-login-sql-injection(43772) Multiple SQL injection vulnerabilities in Scripteen Free Image Hosting Script 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/login.php, or the (3) uname or (4) pass parameter to login.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.