CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

H-Fj: Security Vulnerabilities

CVE-2015-2945

mt-phpincgi.php in Hajime Fujimoto mt-phpincgi before 2015-05-15 does not properly restrict URLs, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted request, as exploited in the wild in May 2015.

CVSS Score

7.5

EPSS Score

0.007

Published

2015-05-25

CVE-2007-6751

Cross-site scripting (XSS) vulnerability in the MailForm plugin before 1.20 for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

EPSS Score

0.003

Published

2012-01-04

Page 1

Vulnerabilities

Vulnerable Software

H-Fj: Security Vulnerabilities

Products

Pricing

Contact Us