{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T12:39:58.042","vulnerabilities":[{"cve":{"id":"CVE-2008-1790","sourceIdentifier":"cve@mitre.org","published":"2008-04-15T17:05:00.000","lastModified":"2025-04-09T00:30:58.490","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the \"Manage Settings\" functionality.  NOTE: remote exploitation is facilitated by a separate SQL injection vulnerability."},{"lang":"es","value":"Vulnerabilidad de subida de ficheros no restringidos en iScripts SocialWare permite a administradores remotos autenticados subir ficheros de su elección a través de un fichero logo manipulado en la funcionalidad \"Manage Settings\". \r\nNOTA: explotación remota es facilitada por una vulnerabilidad de inyección SQL aparte.\r\n"}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N\/AC:L\/Au:S\/C:P\/I:P\/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-264"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:iscripts:socialware:*:*:*:*:*:*:*:*","matchCriteriaId":"6D73C65C-89FF-483A-AB91-4F8522599DD3"}]}]}],"references":[{"url":"http:\/\/secunia.com\/advisories\/29725","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http:\/\/www.osvdb.org\/44327","source":"cve@mitre.org"},{"url":"http:\/\/www.securityfocus.com\/bid\/28670","source":"cve@mitre.org"},{"url":"http:\/\/www.vupen.com\/english\/advisories\/2008\/1137\/references","source":"cve@mitre.org"},{"url":"https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/41751","source":"cve@mitre.org"},{"url":"https:\/\/www.exploit-db.com\/exploits\/5402","source":"cve@mitre.org"},{"url":"http:\/\/secunia.com\/advisories\/29725","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http:\/\/www.osvdb.org\/44327","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http:\/\/www.securityfocus.com\/bid\/28670","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http:\/\/www.vupen.com\/english\/advisories\/2008\/1137\/references","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/41751","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https:\/\/www.exploit-db.com\/exploits\/5402","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}