Vulnerabilities (CVE)

Filtered by vendor Mihalism Subscribe
Filtered by product Multi Host
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-0714 1 Mihalism 1 Multi Host 2024-11-21 6.8 MEDIUM N/A
SQL injection vulnerability in users.php in Mihalism Multi Host allows remote attackers to execute arbitrary SQL commands via the username parameter in a lost_password_go action.
CVE-2007-6657 1 Mihalism 1 Multi Host 2024-11-21 7.5 HIGH N/A
PHP remote file inclusion vulnerability in source/includes/load_forum.php in Mihalism Multi Forum Host 3.0.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mfh_root_path parameter.
CVE-2007-6653 1 Mihalism 1 Multi Host 2024-11-21 5.0 MEDIUM N/A
Directory traversal vulnerability in download.php in Mihalism Multi Host 2.0.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.