CVE-2006-0315

index.php in EZDatabase before 2.1.2 does not properly cleanse the p parameter before constructing and including a .php filename, which allows remote attackers to conduct directory traversal attacks, and produces resultant cross-site scripting (XSS) and path disclosure.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:indexcor:ezdatabase:*:*:*:*:*:*:*:*

Information

Published : 2006-01-18 17:03

Updated : 2018-10-19 08:44


NVD link : CVE-2006-0315

Mitre link : CVE-2006-0315


JSON object : View

Advertisement

dedicated server usa

Products Affected

indexcor

  • ezdatabase