RSS   Vulnerabilities for 'Easy image downloader'   RSS

2009-07-20
 
CVE-2009-2551

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in ScriptsEz Easy Image Downloader allow remote attackers to inject arbitrary web script or HTML via the id parameter in a detail action to (1) main.php and possibly (2) demo_page.php.

 
2009-02-06
 
CVE-2008-6089

CWE-22
 

 
Directory traversal vulnerability in main.php in ScriptsEz Easy Image Downloader allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter in a download action.

 

 >>> Vendor: Scriptsez 15 Products
Cute guestbook
Ez ringtone manager
Random php quote
Smart php subscriber
Power editor
Freeze greetings
Easy image downloader
Mini hosting panel
Ez php comment
Ultimate poll
Ez cart
Ez blog
Ez poll hoster
Good/bad vote
Ez album


Copyright 2019, cxsecurity.com

 

Back to Top