Vulnerabilities > Memht > Memht Portal > 4.0.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-01-03 | CVE-2010-5320 | Cross-Site Request Forgery (CSRF) vulnerability in Memht Portal 4.0.1 Multiple cross-site request forgery (CSRF) vulnerabilities in MemHT Portal 4.0.1 allow remote attackers to hijack the authentication of administrators for requests that (1) modify settings via a configuration action to admin.php, (2) modify articles via an articles action to admin.php, or (3) modify credentials via a users action to admin.php. | 6.8 |
2008-11-18 | CVE-2008-5132 | SQL Injection vulnerability in Memht Portal 4.0.1 SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT Portal 4.0.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header. | 7.5 |