2 matches found
CVE-2008-6612
CVE-2008-6612 affects Minimal ABlog 0.4. The flaw is an unrestricted file upload in admin/uploader.php that allows remote code execution by uploading a file with an executable extension and then accessing it via a direct request to img/.[citation from NVD: Unrestricted file upload vulnerability t...
CVE-2008-6613
CVE-2008-6613 affects minimal-ablog 0.4, where uploader.php fails to properly restrict access. This allows remote attackers to gain administrative privileges via a direct request. The description and linked references confirm the component and impact but do not provide exploit details, affected v...