indexcor ezdatabase vulnerabilities and exploits

(subscribe to this query)

NA

Eval injection vulnerability in ezDatabase 2.0 and previous versions allows remote malicious users to execute arbitrary PHP code via the db_id parameter to visitorupload.php, as demonstrated using phpinfo and include function calls.

Indexcor Ezdatabase 2.0 Indexcor Ezdatabase 2.1.2

1 EDB exploit

NA

Directory traversal vulnerability in index.php in ezDatabase 2.1.2 and previous versions allows remote malicious users to include arbitrary local files via ".." sequences in the p parameter.

Indexcor Ezdatabase

1 EDB exploit

NA

SQL injection vulnerability in index.php for ezDatabase 2.1.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the db_id parameter.

Indexcor Ezdatabase

1 EDB exploit

NA

index.php in EZDatabase prior to 2.1.2 does not properly cleanse the p parameter before constructing and including a .php filename, which allows remote malicious users to conduct directory traversal attacks, and produces resultant cross-site scripting (XSS) and path disclosure.

Indexcor Ezdatabase

1 EDB exploit

NA

index.php in ezDatabase 2.1.2 and previous versions allows remote malicious users to obtain sensitive information via an invalid cat_id parameter, which leaks the full pathname in an error message. NOTE: these details are uncertain because the original report has terminology prob...

Indexcor Ezdatabase

NA

Cross-site scripting (XSS) vulnerability in EzDatabase 2.1.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to admin/login.php and the Admin Panel Database.

Indexcor Ezdatabase 2.1.3

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook