Mega File Hosting Script Security Vulnerabilities and Issues — Mega File Hosting Script CVE List

YabsoftMega File Hosting Script

3 matches found

CVE•added 2009/03/19 10:0 a.m.•50 views

CVE-2009-0966

Affected product/variant: YABSoft Mega File Hosting 1.2 (cross.php). Vulnerability: PHP remote file inclusion via the url parameter in cross.php, enabling execution of arbitrary PHP code. NOTE: can also include and execute arbitrary local files using .. sequences. Impact (as documented): arbitrar...

7.5CVSS7.7AI score0.0254EPSS

CVE•added 2008/06/03 3:0 p.m.•48 views

CVE-2008-2521

The CVE describes a SQL injection in the YABSoft Mega File Hosting Script (MFH/MFHS) version 1.2, specifically in members.php, where the fid parameter can be manipulated by remote authenticated users to execute arbitrary SQL commands. The entry is supported by multiple sources (NVD, CVE lists, an...

6.5CVSS7.9AI score0.00895EPSS

CVE•added 2009/10/09 2:18 p.m.•48 views

CVE-2009-3647

CVE-2009-3647 describes a cross-site scripting (XSS) vulnerability in the YABSoft Mega File Hosting Script (MFH/MFHS) 1.2, where an attacker can inject arbitrary web script or HTML via the moudi parameter in emaullinks.php. The evidence in connected sources confirms the affected component and the...

4.3CVSS5.6AI score0.01189EPSS