Vulnerabilities > Ezonescripts > Living Local > 1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-03-26 | CVE-2008-6530 | Local Arbitrary File Upload vulnerability in Ezonescripts Living Local 1.1 Unrestricted file upload vulnerability in editimage.php in eZoneScripts Living Local 1.1 allows remote authenticated administrators to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the uploaded file. | 6.5 |
2009-03-26 | CVE-2008-6529 | Cross-Site Scripting vulnerability in Ezonescripts Living Local 1.1 Cross-site scripting (XSS) vulnerability in listtest.php in eZoneScripts Living Local 1.1 allows remote attackers to inject arbitrary web script or HTML via the r parameter. | 4.3 |
2008-09-05 | CVE-2008-3943 | SQL Injection vulnerability in Ezonescripts Living Local 1.1 SQL injection vulnerability in listtest.php in eZoneScripts Living Local 1.1 allows remote attackers to execute arbitrary SQL commands via the r parameter. | 7.5 |