Vulnerabilities > Mihalism > Multi Host

DATE CVE VULNERABILITY TITLE RISK
2008-02-12 CVE-2008-0714 SQL Injection vulnerability in Mihalism Multi Host 3.0
SQL injection vulnerability in users.php in Mihalism Multi Host allows remote attackers to execute arbitrary SQL commands via the username parameter in a lost_password_go action.
network
mihalism CWE-89
6.8
2008-01-04 CVE-2007-6657 Code Injection vulnerability in Mihalism Multi Host
PHP remote file inclusion vulnerability in source/includes/load_forum.php in Mihalism Multi Forum Host 3.0.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mfh_root_path parameter.
network
low complexity
mihalism CWE-94
7.5
2008-01-04 CVE-2007-6653 Path Traversal vulnerability in Mihalism Multi Host 2.07
Directory traversal vulnerability in download.php in Mihalism Multi Host 2.0.7 allows remote attackers to read arbitrary files via a ..
network
low complexity
mihalism CWE-22
5.0