Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
indexcor ezdatabase vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0214
Eval injection vulnerability in ezDatabase 2.0 and previous versions allows remote malicious users to execute arbitrary PHP code via the db_id parameter to visitorupload.php, as demonstrated using phpinfo and include function calls.
Indexcor Ezdatabase 2.0
Indexcor Ezdatabase 2.1.2
1 EDB exploit
NA
CVE-2005-4304
index.php in ezDatabase 2.1.2 and previous versions allows remote malicious users to obtain sensitive information via an invalid cat_id parameter, which leaks the full pathname in an error message. NOTE: these details are uncertain because the original report has terminology prob...
Indexcor Ezdatabase
NA
CVE-2006-0315
index.php in EZDatabase prior to 2.1.2 does not properly cleanse the p parameter before constructing and including a .php filename, which allows remote malicious users to conduct directory traversal attacks, and produces resultant cross-site scripting (XSS) and path disclosure.
Indexcor Ezdatabase
1 EDB exploit
NA
CVE-2005-4302
Directory traversal vulnerability in index.php in ezDatabase 2.1.2 and previous versions allows remote malicious users to include arbitrary local files via ".." sequences in the p parameter.
Indexcor Ezdatabase
1 EDB exploit
NA
CVE-2005-4303
SQL injection vulnerability in index.php for ezDatabase 2.1.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the db_id parameter.
Indexcor Ezdatabase
1 EDB exploit
NA
CVE-2007-0592
Cross-site scripting (XSS) vulnerability in EzDatabase 2.1.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to admin/login.php and the Admin Panel Database.
Indexcor Ezdatabase 2.1.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
log injection
CVE-2024-37079
type confusion
CVE-2024-32943
CVE-2024-30103
CVE-2024-37350
arbitrary code
CVE-2024-6189
CVE-2024-6225
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started