Ezwebalbum » Ezwebalbum : Security Vulnerabilities, CVEs,
Directory traversal vulnerability in download.php in EZWebAlbum allows remote attackers to read arbitrary files via the dlfilename parameter.
Max CVSS
5.0
EPSS Score
1.36%
Published
2008-07-24
Updated
2018-10-11
constants.inc in EZWebAlbum 1.0 allows remote attackers to bypass authentication and gain administrator privileges by setting the photoalbumadmin cookie, as demonstrated via addpage.php.
Max CVSS
6.4
EPSS Score
1.39%
Published
2008-07-24
Updated
2017-09-29
2 vulnerabilities found