Vulnerabilities > Zomplog > Zomplog > 3.7.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-10-05 | CVE-2007-5231 | Improper Input Validation vulnerability in Zomplog Unrestricted file upload vulnerability in admin/upload_files.php in Zomplog 3.8.1 and earlier allows remote authenticated administrators to upload and execute arbitrary .php files by sending a modified MIME type. | 4.6 |
2007-10-05 | CVE-2007-5230 | Permissions, Privileges, and Access Controls vulnerability in Zomplog admin/upload_files.php in Zomplog 3.8.1 and earlier does not check for administrative credentials, which allows remote attackers to perform administrative actions via a direct request. | 7.5 |
2007-03-20 | CVE-2007-1524 | Local File Include vulnerability in Zomplog 3.7.6 Directory traversal vulnerability in themes/default/ in ZomPlog 3.7.6 and earlier allows remote attackers to include arbitrary local files via a .. | 5.0 |