Vulnerabilities > Zomplog > Zomplog > 3.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-10-05 | CVE-2007-5231 | Improper Input Validation vulnerability in Zomplog Unrestricted file upload vulnerability in admin/upload_files.php in Zomplog 3.8.1 and earlier allows remote authenticated administrators to upload and execute arbitrary .php files by sending a modified MIME type. | 4.6 |
2007-10-05 | CVE-2007-5230 | Permissions, Privileges, and Access Controls vulnerability in Zomplog admin/upload_files.php in Zomplog 3.8.1 and earlier does not check for administrative credentials, which allows remote attackers to perform administrative actions via a direct request. | 7.5 |
2007-04-19 | CVE-2007-2157 | Directory Traversal vulnerability in Zomplog 3.8 Directory traversal vulnerability in upload/force_download.php in Zomplog 3.8 allows remote attackers to read arbitrary files via a .. | 7.8 |