RSS   Vulnerabilities for 'Multi host'   RSS

2008-02-11
 
CVE-2008-0714

 

 
SQL injection vulnerability in users.php in Mihalism Multi Host allows remote attackers to execute arbitrary SQL commands via the username parameter in a lost_password_go action.

 
2008-01-04
 
CVE-2007-6657

 

 
PHP remote file inclusion vulnerability in source/includes/load_forum.php in Mihalism Multi Forum Host 3.0.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mfh_root_path parameter.

 
 
CVE-2007-6653

 

 
Directory traversal vulnerability in download.php in Mihalism Multi Host 2.0.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top