Vulnerabilities > Prozilla > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | TAGS | RISK |
|---|---|---|---|---|---|
| 2009-02-11 | CVE-2008-6115 | SQL Injection vulnerability in Prozilla Hosting Index | SQL injection vulnerability in directory.php in Prozilla Hosting Index allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action, a different vector than CVE-2008-2083. | network, low complexity, prozilla, CWE-89 | 7.5 |
| 2008-04-17 | CVE-2008-1864 | SQL Injection vulnerability in Prozilla Freelancers | SQL injection vulnerability in project.php in Prozilla Freelancers allows remote attackers to execute arbitrary SQL commands via the project parameter. | network, low complexity, prozilla, CWE-89 | 7.5 |
| 2008-04-17 | CVE-2008-1863 | SQL Injection vulnerability in Prozilla Cheats 2.0 | SQL injection vulnerability in view_reviews.php in Prozilla Cheat Script (aka Cheats) 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | network, low complexity, prozilla, CWE-89 | 7.5 |
| 2008-04-15 | CVE-2008-1788 | SQL Injection vulnerability in Prozilla Entertainers 1.1 | SQL injection vulnerability in directory.php in Prozilla Entertainers 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. | network, low complexity, prozilla, CWE-89 | 7.5 |
| 2008-04-15 | CVE-2008-1784 | Permissions, Privileges, and Access Controls vulnerability in Prozilla Topsites 1.0 | Prozilla Topsites 1.0 allows remote attackers to perform administrative actions via a direct request to (1) addu.php, (2) editu.php, and (3) uidx.php in siteadmin/. | network, low complexity, prozilla, CWE-264 | 7.5 |
| 2007-08-08 | CVE-2007-4258 | SQL Injection vulnerability in Prozilla PUB Site Directory | SQL injection vulnerability in directory.php in Prozilla Pub Site Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter. | network, low complexity, prozilla, CWE-89 | 7.5 |
| 2007-07-17 | CVE-2007-3809 | SQL Injection vulnerability in Prozilla Directory.PHP | Multiple SQL injection vulnerabilities in Prozilla Directory Script allow remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action to directory.php, and other unspecified vectors. | network, low complexity, prozilla | 7.5 |
| 2005-10-05 | CVE-2005-2961 | Buffer Overflow vulnerability in Prozilla Download Accelerator 1.3.7.4 | Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an `<A>` tag. | network, low complexity, prozilla | 7.5 |
| 2005-05-02 | CVE-2005-0523 | Remote Client-Side Format String vulnerability in ProZilla Initial Server Response | Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header. | network, low complexity, prozilla | 7.5 |