CVE-2009-2892

Name of the Vulnerable Software and Affected Versions: Scripteen Free Image Hosting Script version 2.3

Description: The issue concerns SQL injection vulnerabilities in the header.php file. Remote attackers can execute arbitrary SQL commands by manipulating the cookid or cookgid cookie.

Recommendations: For Scripteen Free Image Hosting Script version 2.3, update the header.php file to properly sanitize and validate user input to prevent SQL injection attacks. As a temporary workaround, consider implementing input validation for the cookid and cookgid cookies to minimize the risk of exploitation.