MidnightBSD

Advisories for ezpx

CVE-2010-2341 HIGH

PHP remote file inclusion vulnerability in system/application/views/public/commentform.php in EZPX Photoblog 1.2 beta allows remote attackers to execute arbitrary PHP code via a URL in the tpl_base_dir parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
ezpx ezpx_photoblog 1.2