memht CVE 脆弱性と CVE 一覧（5）

製品（CPE）: — CVE 件数: 5

memht 脆弱性概要

memht 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

過去の問題は主に vendor risk sql injection and vendor risk csrf などに関し、一部は vendor impact data exposure を招き、vendor surface software deployment and vendor surface production workloads 関連の場面に影響します。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移（直近24か月）

CVE	概要	ソース	CVSS 最大値	EPSS（%）	公開	更新
CVE-2010-5320	Multiple cross-site request forgery (CSRF) vulnerabilities in MemHT Portal 4.0.1 allow remote attackers to hijack the authentication of administrators for requests that (1) modify settings via a configuration action to admin.php, (2) modify articles via an articles action to admin.php, or (3) modify credentials via a users action to admin.php.	[email protected]	6.8	0.12%	2015-01-03	2026-05-06
CVE-2009-0372	Unrestricted file upload vulnerability in index.php in Miltenovik Manojlo MemHT Portal 4.0.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and an image content type via a users editProfile action, then accessing this file via a direct request to the file in images/avatar/uploaded/.	[email protected]	6.5	3.50%	2009-01-30	2026-04-23
CVE-2008-5132	SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT Portal 4.0.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.	[email protected]	7.5	0.91%	2008-11-18	2026-04-23
CVE-2008-4457	SQL injection vulnerability in inc/inc_statistics.php in MemHT Portal 3.9.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a stats_res cookie to index.php.	[email protected]	6.8	1.38%	2008-10-07	2026-04-23
CVE-2008-4164	cron.php in MemHT Portal 3.9.0 and earlier allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.	[email protected]	2.6	5.09%	2008-09-22	2026-04-23

cvelogic Threat Intelligence