Indexcor : Security Vulnerabilities, CVEs, (XSS)
Cross-site scripting (XSS) vulnerability in EzDatabase 2.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to admin/login.php and the Admin Panel Database.
Max CVSS
6.8
EPSS Score
2.41%
Published
2007-01-30
Updated
2018-10-16
index.php in EZDatabase before 2.1.2 does not properly cleanse the p parameter before constructing and including a .php filename, which allows remote attackers to conduct directory traversal attacks, and produces resultant cross-site scripting (XSS) and path disclosure.
Max CVSS
5.8
EPSS Score
0.53%
Published
2006-01-19
Updated
2018-10-19
2 vulnerabilities found