Vulnerabilities > Galaxyscripts
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-05-01 | CVE-2008-6785 | Code Injection vulnerability in Galaxyscripts Mini File Host 1.5 Unrestricted file upload vulnerability in Mini File Host 1.5 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, as demonstrated by creating a name.php file. | 6.8 |
2008-01-18 | CVE-2008-0357 | Path Traversal vulnerability in Galaxyscripts Mini File Host Directory traversal vulnerability in pages/upload.php in Galaxyscripts Mini File Host 1.2.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter. | 4.3 |