Vulnerabilities > Prozilla

DATE CVE VULNERABILITY TITLE RISK
2007-08-08 CVE-2007-4258 SQL Injection vulnerability in Prozilla PUB Site Directory
SQL injection vulnerability in directory.php in Prozilla Pub Site Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter.
network
low complexity
prozilla CWE-89
7.5
2007-07-17 CVE-2007-3809 SQL Injection vulnerability in Prozilla Directory.PHP
Multiple SQL injection vulnerabilities in Prozilla Directory Script allow remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action to directory.php, and other unspecified vectors.
network
low complexity
prozilla
7.5
2005-10-05 CVE-2005-2961 Buffer Overflow vulnerability in Prozilla Download Accelerator 1.3.7.4
Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an <A> tag.
network
low complexity
prozilla
7.5
2005-05-02 CVE-2005-0523 Remote Client-Side Format String vulnerability in ProZilla Initial Server Response
Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header.
network
low complexity
prozilla
7.5
2005-01-10 CVE-2004-1120 Remote Buffer Overflow vulnerability in ProZilla
Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.
network
low complexity
prozilla
critical
10.0