Remote Code Execution in ezUpload 2.2 via Multiple PHP File Include Vulnerabilities

Remote Code Execution in ezUpload 2.2 via Multiple PHP File Include Vulnerabilities

CVE-2005-2616 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote attackers to execute arbitrary code via the path parameter to (1) initialize.php, (2) customize.php, (3) form.php, or (4) index.php.

Learn more about our Web Application Penetration Testing UK.