CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Mevin: Security Vulnerabilities

CVE-2009-3168

Mevin Productions Basic PHP Events Lister 2.0 does not properly restrict access to (1) admin/reset.php and (2) admin/user_add.php, which allows remote authenticated users to reset administrative passwords or add administrators via a direct request.

CVSS Score

7.2

EPSS Score

0.009

Published

2009-09-11

CVE-2008-6464

SQL injection vulnerability in event.php in Mevin Productions Basic PHP Events Lister 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

CVSS Score

7.5

EPSS Score

0.002

Published

2009-03-13

Page 1

Vulnerabilities

Vulnerable Software

Mevin: Security Vulnerabilities

Products

Pricing

Contact Us