Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Ultrize Security Vulnerabilities

cve
cve

CVE-2006-4489

Multiple PHP remote file inclusion vulnerabilities in MiniBill 2006-07-14 (1.2.2) allow remote attackers to execute arbitrary PHP code via (1) a URL in the config[include_dir] parameter in actions/ipn.php or (2) an FTP path in the config[plugin_dir] parameter in include/initPlugins.php.

7.6AI Score

0.696EPSS

2006-08-31 10:04 PM
28
cve
cve

CVE-2007-3306

PHP remote file inclusion vulnerability in crontab/run_billing.php in MiniBill 1.2.5 allows remote attackers to execute arbitrary PHP code via a URL in the config[include_dir] parameter, a different vector than CVE-2006-4489.

7.4AI Score

0.696EPSS

2007-06-21 01:30 AM
29
cve
cve

CVE-2009-2769

PHP remote file inclusion vulnerability in include/timesheet.php in Ultrize TimeSheet 1.2.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the config[include_dir] parameter.

7.8AI Score

0.014EPSS

2009-08-14 05:30 PM
26
cve
cve

CVE-2009-3151

Directory traversal vulnerability in actions/downloadFile.php in Ultrize TimeSheet 1.2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter.

6.8AI Score

0.008EPSS

2009-09-10 06:30 PM
25