Vulnerabilities (CVE)

Filtered by vendor Abweb Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-6613 1 Abweb 1 Minimal-ablog 2024-11-21 7.5 HIGH N/A
uploader.php in minimal-ablog 0.4 does not properly restrict access, which allows remote attackers to gain administrative privileges via a direct request.
CVE-2008-6612 1 Abweb 1 Minimal-ablog 2024-11-21 6.8 MEDIUM N/A
Unrestricted file upload vulnerability in admin/uploader.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in img/.
CVE-2008-6611 1 Abweb 1 Minimal Ablog 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in index.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.