Filtered by vendor Prozilla
Subscribe
Total
15 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-2083 | 1 Prozilla | 1 Hosting Index | 2018-10-11 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in directory.php in Prozilla Hosting Index, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | |||||
CVE-2007-4362 | 1 Prozilla | 1 Webring | 2017-10-18 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in category.php in Prozilla Webring allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
CVE-2008-1788 | 1 Prozilla | 1 Entertainers | 2017-10-18 | 7.5 HIGH | N/A |
SQL injection vulnerability in directory.php in Prozilla Entertainers 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: some of these details are obtained from third party information. | |||||
CVE-2008-6115 | 1 Prozilla | 1 Hosting Index | 2017-09-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in directory.php in Prozilla Hosting Index allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action, a different vector than CVE-2008-2083. | |||||
CVE-2008-1784 | 1 Prozilla | 1 Topsites | 2017-09-28 | 7.5 HIGH | N/A |
Prozilla Topsites 1.0 allows remote attackers to perform administrative actions via a direct request to (1) addu.php, (2) editu.php, and (3) uidx.php in siteadmin/. | |||||
CVE-2008-1783 | 1 Prozilla | 1 Reviews | 2017-09-28 | 6.4 MEDIUM | N/A |
Prozilla Reviews 1.0 allows remote attackers to delete arbitrary users via a modified UserID parameter in a direct request to siteadmin/DeleteUser.php. | |||||
CVE-2008-1785 | 1 Prozilla | 1 Top 100 | 2017-09-28 | 5.5 MEDIUM | N/A |
delete.php in Prozilla Top 100 1.2 allows remote authenticated users to delete statistics and accounts of arbitrary users via a modified s parameter. | |||||
CVE-2008-1789 | 1 Prozilla | 1 Forum | 2017-09-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in forum.php in Prozilla Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter. | |||||
CVE-2008-1863 | 1 Prozilla | 1 Cheats | 2017-09-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in view_reviews.php in Prozilla Cheat Script (aka Cheats) 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2008-1864 | 1 Prozilla | 1 Prozilla Freelancers | 2017-09-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in project.php in Prozilla Freelancers allows remote attackers to execute arbitrary SQL commands via the project parameter. | |||||
CVE-2007-4258 | 1 Prozilla | 1 Prozilla Pub Site Directory | 2017-09-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in directory.php in Prozilla Pub Site Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
CVE-2007-3809 | 1 Prozilla | 1 Prozilla Directory Script | 2017-09-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Prozilla Directory Script allow remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action to directory.php, and other unspecified vectors. | |||||
CVE-2005-2961 | 1 Prozilla | 1 Prozilla Download Accelerator | 2017-07-10 | 7.5 HIGH | N/A |
Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an <A> tag. | |||||
CVE-2004-1120 | 1 Prozilla | 1 Prozilla Download Accelerator | 2017-07-10 | 10.0 HIGH | N/A |
Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header. | |||||
CVE-2005-0523 | 1 Prozilla | 1 Prozilla Download Accelerator | 2008-09-05 | 7.5 HIGH | N/A |
Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header. |