Mihalism : Security Vulnerabilities, CVEs,

CVE-2008-0714

SQL injection vulnerability in users.php in Mihalism Multi Host allows remote attackers to execute arbitrary SQL commands via the username parameter in a lost_password_go action.
Max CVSS
6.8
EPSS Score
0.15%
Published
2008-02-12
Updated
2017-09-29

CVE-2007-6657

PHP remote file inclusion vulnerability in source/includes/load_forum.php in Mihalism Multi Forum Host 3.0.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mfh_root_path parameter.
Max CVSS
7.5
EPSS Score
2.73%
Published
2008-01-04
Updated
2017-09-29

CVE-2007-6653

Directory traversal vulnerability in download.php in Mihalism Multi Host 2.0.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Max CVSS
5.0
EPSS Score
1.79%
Published
2008-01-04
Updated
2017-09-29
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close