Unrated severityNVD Advisory· Published Aug 20, 2009· Updated Jun 16, 2026
CVE-2009-2892
CVE-2009-2892
Description
Multiple SQL injection vulnerabilities in header.php in Scripteen Free Image Hosting Script 2.3 allow remote attackers to execute arbitrary SQL commands via a (1) cookid or (2) cookgid cookie.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:scripteen:free_image_hosting_script:2.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:scripteen:free_image_hosting_script:2.3:*:*:*:*:*:*:*
- (no CPE)range: 2.3
Patches
Vulnerability mechanics
References
5- www.scripteen.com/forum/news-announcements-f2-scripteen-free-image-hosting-script-v2-4-t766.htmlnvdPatchURL Repurposed
- www.scripteen.com/forum/bug-reports-f15-my-image-hosting-site-got-hacked-t764.htmlnvdExploitURL Repurposed
- www.securityfocus.com/bid/35800nvdExploit
- secunia.com/advisories/35976nvdVendor Advisory
- www.exploit-db.com/exploits/9252nvd
News mentions
0No linked articles in our index yet.