Memht: >> Memht Portal >> 4.0.1 Security Vulnerabilities
Multiple cross-site request forgery (CSRF) vulnerabilities in MemHT Portal 4.0.1 allow remote attackers to hijack the authentication of administrators for requests that (1) modify settings via a configuration action to admin.php, (2) modify articles via an articles action to admin.php, or (3) modify credentials via a users action to admin.php.
CVSS Score
6.8
EPSS Score
0.001
Published
2015-01-03
SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT Portal 4.0.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.
CVSS Score
7.5
EPSS Score
0.005
Published
2008-11-18