Produkt Mini file host (...) - CVEMAP.ORG

Podatności dla 'Mini file host'

2009-05-01

CVE-2008-6785

Unrestricted file upload vulnerability in Mini File Host 1.5 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, as demonstrated by creating a name.php file.

2008-01-18

CVE-2008-0357

Directory traversal vulnerability in pages/upload.php in Galaxyscripts Mini File Host 1.2.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter.

Copyright 2024, cxsecurity.com