Minimal Ablog
Sign in to watchby Abweb
CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-6613 | 0.03 | — | 0.02 | Apr 6, 2009 | uploader.php in minimal-ablog 0.4 does not properly restrict access, which allows remote attackers to gain administrative privileges via a direct request. | ||
| CVE-2008-6612 | 0.03 | — | 0.05 | Apr 6, 2009 | Unrestricted file upload vulnerability in admin/uploader.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in img/. | ||
| CVE-2008-6611 | 0.03 | — | 0.01 | Apr 6, 2009 | SQL injection vulnerability in index.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. |