2 matches found
CVE-2008-2495
CVE-2008-2495 is a directory traversal vulnerability affecting Zina 1.0 RC3. The flaw is in index.php where a .. (dot dot) in the p parameter can be exploited by remote attackers to access files. The NVD entry lists a CVSS2 base score of 7.5 (HIGH) with network attack vector and low complexity, n...
CVE-2005-4631
SQL injection vulnerability in index.php in Zina 0.12.07 and earlier allows remote attackers to execute arbitrary SQL commands via the p parameter...