Lucene search
K
MemhtMemht Portal

5 matches found

CVE
CVE
added 2008/11/18 11:0 a.m.51 views

CVE-2008-5132

CVE-2008-5132 is a SQL injection vulnerability in MemHT Portal 4.0.1, specifically in inc/ajax/ajax_rating.php. The issue allows remote attackers to execute arbitrary SQL commands by sending a crafted X-Forwarded-For HTTP header. The CVE entry notes impact as partial confidentiality/integrity/ava...

7.5CVSS8.4AI score0.02359EPSS
Web
CVE
CVE
added 2015/01/03 11:0 a.m.47 views

CVE-2010-5320

CVE-2010-5320 relates to MemHT Portal 4.0.1 and describes multiple cross-site request forgery (CSRF) vulnerabilities that allow remote attackers to hijack administrator authentication for requests to admin.php affecting settings, articles, and users. The connected documents corroborate the same d...

6.8CVSS7.4AI score0.00609EPSS
CVE
CVE
added 2008/10/07 12:0 a.m.41 views

CVE-2008-4457

MemHT Portal 3.9.0 and earlier are affected by a SQL injection vulnerability in inc/inc_statistics.php. The issue arises when magic_quotes_gpc is disabled, allowing remote attackers to inject SQL via the stats_res cookie to index.php. Connected documents confirm the affected product and the vulne...

6.8CVSS8.3AI score0.01213EPSS
Web
CVE
CVE
added 2008/09/22 5:0 p.m.40 views

CVE-2008-4164

CVE-2008-4164 affects MemHT Portal versions 3.9.0 and earlier. The issue is information disclosure via cron.php, where a direct request reveals the installation path in an error message. This is a remote vulnerability with network access and partial confidentiality impact as described. Exploit re...

2.6CVSS6.1AI score0.02237EPSS
CVE
CVE
added 2009/01/30 7:0 p.m.40 views

CVE-2009-0372

The CVE-2009-0372 vulnerability affects Miltenovik Manojlo MemHT Portal (versions 4.0.1 and earlier). An authenticated remote user can upload a file with an executable extension using the editProfile action and then access the uploaded file from images/avatar/uploaded/ to execute arbitrary code. ...

6.5CVSS7.5AI score0.03468EPSS
Web