Ezcontents@2.0.3 Security Vulnerabilities and Issues — Ezcontents@2.0.3 CVE List

Lucene search

VisualshapersEzcontents2.0.3

5 matches found

CVE•added 2006/08/31 9:4 p.m.•46 views

CVE-2006-4477

Multiple PHP remote file inclusion vulnerabilities in Visual Shapers ezContents 2.0.3 allow remote attackers to execute arbitrary PHP code via an empty GLOBALS[rootdp] parameter and an ftps URL in the (1) GLOBALS[admin_home] parameter in (a) diary/event_list.php, (b) gallery/gallery_summary.php, (c...

7.5CVSS7.7AI score0.05259EPSS

CVE•added 2006/08/31 9:4 p.m.•36 views

CVE-2006-4479

Cross-site scripting (XSS) vulnerability in loginreq2.php in Visual Shapers ezContents 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the subgroupname parameter.

4.3CVSS5.9AI score0.0801EPSS

CVE•added 2006/08/31 9:4 p.m.•32 views

CVE-2006-4478

SQL injection vulnerability in headeruserdata.php in Visual Shapers ezContents 2.0.3 allows remote attackers to execute arbitrary SQL commands via the groupname parameter.

7.5CVSS8.7AI score0.01705EPSS

CVE•added 2009/08/24 7:30 p.m.•30 views

CVE-2008-7055

module.php in ezContents 2.0.3 allows remote attackers to bypass the directory traversal protection mechanism to include and execute arbitrary local files via "....//" (doubled dot dot slash) sequences in the link parameter, which is not properly filtered using the str_replace function.

5.1CVSS7.5AI score0.01769EPSS

CVE•added 2009/08/24 7:30 p.m.•28 views

CVE-2008-7054

Multiple directory traversal vulnerabilities in ezContents 2.0.3 allow remote attackers to include and execute arbitrary local files via the (1) gsLanguage and (2) language_home parameters to modules/diary/showdiary.php; (3) admin_home, (4) gsLanguage, and (5) language_home parameters to modules/di...

5.1CVSS7.6AI score0.0595EPSS