Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
indexcor ezdatabase 2.1.2 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-0214
Eval injection vulnerability in ezDatabase 2.0 and previous versions allows remote malicious users to execute arbitrary PHP code via the db_id parameter to visitorupload.php, as demonstrated using phpinfo and include function calls.
Indexcor Ezdatabase 2.0
Indexcor Ezdatabase 2.1.2
1 EDB exploit
7.5
CVSSv2
CVE-2005-4303
SQL injection vulnerability in index.php for ezDatabase 2.1.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the db_id parameter.
Indexcor Ezdatabase
1 EDB exploit
5
CVSSv2
CVE-2005-4302
Directory traversal vulnerability in index.php in ezDatabase 2.1.2 and previous versions allows remote malicious users to include arbitrary local files via ".." sequences in the p parameter.
Indexcor Ezdatabase
1 EDB exploit
5.8
CVSSv2
CVE-2006-0315
index.php in EZDatabase prior to 2.1.2 does not properly cleanse the p parameter before constructing and including a .php filename, which allows remote malicious users to conduct directory traversal attacks, and produces resultant cross-site scripting (XSS) and path disclosure.
Indexcor Ezdatabase
1 EDB exploit
5
CVSSv2
CVE-2005-4304
index.php in ezDatabase 2.1.2 and previous versions allows remote malicious users to obtain sensitive information via an invalid cat_id parameter, which leaks the full pathname in an error message. NOTE: these details are uncertain because the original report has terminology prob...
Indexcor Ezdatabase
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started