Vulnerabilities > Ezwebalbum
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-07-24 | CVE-2008-3293 | Path Traversal vulnerability in Ezwebalbum 1.0 Directory traversal vulnerability in download.php in EZWebAlbum allows remote attackers to read arbitrary files via the dlfilename parameter. | 5.0 |
2008-07-24 | CVE-2008-3292 | Improper Authentication vulnerability in Ezwebalbum 1.0 constants.inc in EZWebAlbum 1.0 allows remote attackers to bypass authentication and gain administrator privileges by setting the photoalbumadmin cookie, as demonstrated via addpage.php. | 6.4 |