Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-3293 | 1 Ezwebalbum | 1 Ezwebalbum | 2018-10-11 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in download.php in EZWebAlbum allows remote attackers to read arbitrary files via the dlfilename parameter. | |||||
CVE-2008-3292 | 1 Ezwebalbum | 1 Ezwebalbum | 2017-09-28 | 6.4 MEDIUM | N/A |
constants.inc in EZWebAlbum 1.0 allows remote attackers to bypass authentication and gain administrator privileges by setting the photoalbumadmin cookie, as demonstrated via addpage.php. |