Filtered by vendor Ezwebalbum
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3293 | 1 Ezwebalbum | 1 Ezwebalbum | 2018-10-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.php in EZWebAlbum allows remote attackers to read arbitrary files via the dlfilename parameter. | |||||
| CVE-2008-3292 | 1 Ezwebalbum | 1 Ezwebalbum | 2017-09-28 | 6.4 MEDIUM | N/A |
| constants.inc in EZWebAlbum 1.0 allows remote attackers to bypass authentication and gain administrator privileges by setting the photoalbumadmin cookie, as demonstrated via addpage.php. | |||||