Vulnerabilities > CVE-2007-4259 - Unspecified vulnerability in EZ Photo Sales EZ Photo Sales 1.9.3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
EZPhotoSales 1.9.3 and earlier allows remote attackers to download arbitrary image files via (1) a direct request for a URL under OnlineViewing/galleries/ or (2) navigation of the gallery user interface with JavaScript disabled.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://www.airscanner.com/security/07080601_ezphotosales.htm
- http://www.informit.com/guides/content.asp?g=security&seqNum=267
- http://www.informit.com/guides/content.asp?g=security&seqNum=268
- http://www.securityfocus.com/bid/25323
- http://secunia.com/advisories/26341
- http://securityreason.com/securityalert/2985
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35832
- http://www.securityfocus.com/archive/1/475678/100/0/threaded