Filtered by vendor Mevin
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3168 | 1 Mevin | 1 Basic Php Events Lister | 2025-04-09 | 6.5 MEDIUM | 7.2 HIGH |
| Mevin Productions Basic PHP Events Lister 2.0 does not properly restrict access to (1) admin/reset.php and (2) admin/user_add.php, which allows remote authenticated users to reset administrative passwords or add administrators via a direct request. | |||||
| CVE-2008-6464 | 1 Mevin | 1 Basic-php-events-lister | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in event.php in Mevin Productions Basic PHP Events Lister 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||