MidnightBSD

Advisories for scriptscenter

CVE-2005-4308 HIGH

index.php in ezUpload Pro 2.2 and earlier allows remote attackers to include files via the mode parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
scriptscenter ezupload_pro 2.1
scriptscenter ezupload_pro *
scriptscenter ezupload_pro 2.0
scriptscenter ezupload_pro 1.1
scriptscenter ezupload_pro 2.0.1
CVE-2005-4309 HIGH

SQL injection vulnerability in ezUpload Pro 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified search module parameters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
scriptscenter ezupload_pro 2.1
scriptscenter ezupload_pro *
scriptscenter ezupload_pro 2.0
scriptscenter ezupload_pro 1.1
scriptscenter ezupload_pro 2.0.1
CVE-2006-2694 HIGH

Multiple PHP remote file inclusion vulnerabilities in EzUpload Pro 2.10 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) form.php, (2) customize.php, and (3) initialize.php.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
scriptscenter ezupload_pro 2.10