CVE-2008-6247

Scripts-for-sites EZ Top Sites - SQL Injection

Title source: rule

Description

SQL injection vulnerability in topsite.php in Scripts For Sites (SFS) EZ Top Sites allows remote attackers to execute arbitrary SQL commands via the ts parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Stack · textwebappsphp

https://www.exploit-db.com/exploits/6920

View Code ZIP pw:eip

References (4)

[Vendor Advisory] http://secunia.com/advisories/32526

[Exploit] http://www.securityfocus.com/bid/32038

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6920

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/46274

Scores

EPSS 0.0038

EPSS Percentile 58.8%

Classification

CWE

CWE-89

Status draft

Affected Products (1)

scripts-for-sites/ez_top_sites

Timeline

Published Feb 23, 2009

Tracked Since Feb 18, 2026