Prozilla: Security Vulnerabilities
SQL injection vulnerability in directory.php in Prozilla Pub Site Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVSS Score
7.5
EPSS Score
0.004
Published
2007-08-08
Multiple SQL injection vulnerabilities in Prozilla Directory Script allow remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action to directory.php, and other unspecified vectors.
CVSS Score
7.5
EPSS Score
0.005
Published
2007-07-17
Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an <A> tag.
CVSS Score
7.5
EPSS Score
0.058
Published
2005-10-05
Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header.
CVSS Score
7.5
EPSS Score
0.072
Published
2005-05-02
Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.
CVSS Score
10.0
EPSS Score
0.102
Published
2005-01-10
Page 2