Design/Logic Flaw

Eval injection vulnerability in ezDatabase 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the dbid parameter to visitorupload.php, as demonstrated using phpinfo and include function calls...