Yabsoft

yabsoft

7 CVEs • 2 products

Products (2)

Click to collapse

Toggle

Advanced Image Hosting Script

advanced_image_hosting_script

Mega File Hosting Script

mega_file_hosting_script

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-6039 1Yabsoft 1Advanced Image Hosting Script Apr 29, 2026 Nov 26, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in view_comments.php in YABSoft Advanced Image Hosting (AIH) Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter.
CVE-2009-4266 1Yabsoft 1Advanced Image Hosting Script Apr 23, 2026 Dec 10, 2009 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in search.php in YABSoft Advanced Image Hosting (AIH) Script 2.2, and possibly 2.3, allows remote attackers to inject arbitrary web script or HTML via the text parameter.
CVE-2009-3647 1Yabsoft 1Mega File Hosting Script Apr 23, 2026 Oct 9, 2009 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in emaullinks.php in YABSoft Mega File Hosting Script (aka MFH or MFHS) 1.2 allows remote attackers to inject arbitrary web script or HTML via the moudi parameter. NOTE: the prov...Show more Cross-site scripting (XSS) vulnerability in emaullinks.php in YABSoft Mega File Hosting Script (aka MFH or MFHS) 1.2 allows remote attackers to inject arbitrary web script or HTML via the moudi parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.Show less
CVE-2009-1032 1Yabsoft 1Advanced Image Hosting Script Apr 23, 2026 Mar 20, 2009 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in gallery_list.php in YABSoft Advanced Image Hosting (AIH) Script 2.3 allows remote attackers to execute arbitrary SQL commands via the gal parameter.
CVE-2009-0966 1Yabsoft 1Mega File Hosting Script Apr 23, 2026 Mar 19, 2009 N/A· v4 N/A· v3 7.5 HIGH· v2 PHP remote file inclusion vulnerability in cross.php in YABSoft Mega File Hosting 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter. NOTE: this can also be leveraged to include and...Show more PHP remote file inclusion vulnerability in cross.php in YABSoft Mega File Hosting 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequences.Show less
CVE-2008-2536 1Yabsoft 1Advanced Image Hosting Script Apr 23, 2026 Jun 3, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in out.php in YABSoft Advanced Image Hosting (AIH) Script 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the t parameter.
CVE-2008-2521 1Yabsoft 1Mega File Hosting Script Apr 23, 2026 Jun 3, 2008 N/A· v4 N/A· v3 6.5 MEDIUM· v2 SQL injection vulnerability in members.php in YABSoft Mega File Hosting Script (aka MFH or MFHS) 1.2 allows remote authenticated users to execute arbitrary SQL commands via the fid parameter.