Vulnerability Details CVE-2005-2616
Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote attackers to execute arbitrary code via the path parameter to (1) initialize.php, (2) customize.php, (3) form.php, or (4) index.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.201
EPSS Ranking 95.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://packetstorm.linuxsecurity.com/0508-exploits/ezuploadRemote.txt
- http://secunia.com/advisories/16434
- http://securitytracker.com/id?1014723
- http://www.securiteam.com/exploits/5JP0J15GKU.html
- http://www.securityfocus.com/bid/14534
- http://www.vupen.com/english/advisories/2005/1379
- http://packetstorm.linuxsecurity.com/0508-exploits/ezuploadRemote.txt
- http://secunia.com/advisories/16434
- http://securitytracker.com/id?1014723
- http://www.securiteam.com/exploits/5JP0J15GKU.html
- http://www.securityfocus.com/bid/14534
- http://www.vupen.com/english/advisories/2005/1379