Vulnerabilities (CVE)

Filtered by vendor Abweb Subscribe
Filtered by product Minimal-ablog
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-6613 1 Abweb 1 Minimal-ablog 2024-11-21 7.5 HIGH N/A
uploader.php in minimal-ablog 0.4 does not properly restrict access, which allows remote attackers to gain administrative privileges via a direct request.
CVE-2008-6612 1 Abweb 1 Minimal-ablog 2024-11-21 6.8 MEDIUM N/A
Unrestricted file upload vulnerability in admin/uploader.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in img/.