Shodan
Vulnerabilities
Vulnerable Software
Prozilla:  Security Vulnerabilities
CVE-2008-6115
SQL injection vulnerability in directory.php in Prozilla Hosting Index allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action, a different vector than CVE-2008-2083.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-02-11
CVE-2008-2083
SQL injection vulnerability in directory.php in Prozilla Hosting Index, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVSS Score
6.8
EPSS Score
0.01
Published
2008-05-05
CVE-2008-1863
SQL injection vulnerability in view_reviews.php in Prozilla Cheat Script (aka Cheats) 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2008-04-17
CVE-2008-1864
SQL injection vulnerability in project.php in Prozilla Freelancers allows remote attackers to execute arbitrary SQL commands via the project parameter.
CVSS Score
7.5
EPSS Score
0.005
Published
2008-04-17
CVE-2008-1788
SQL injection vulnerability in directory.php in Prozilla Entertainers 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: some of these details are obtained from third party information.
CVSS Score
7.5
EPSS Score
0.004
Published
2008-04-15
CVE-2008-1789
SQL injection vulnerability in forum.php in Prozilla Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter.
CVSS Score
6.8
EPSS Score
0.004
Published
2008-04-15
CVE-2008-1783
Prozilla Reviews 1.0 allows remote attackers to delete arbitrary users via a modified UserID parameter in a direct request to siteadmin/DeleteUser.php.
CVSS Score
6.4
EPSS Score
0.054
Published
2008-04-15
CVE-2008-1784
Prozilla Topsites 1.0 allows remote attackers to perform administrative actions via a direct request to (1) addu.php, (2) editu.php, and (3) uidx.php in siteadmin/.
CVSS Score
7.5
EPSS Score
0.052
Published
2008-04-15
CVE-2008-1785
delete.php in Prozilla Top 100 1.2 allows remote authenticated users to delete statistics and accounts of arbitrary users via a modified s parameter.
CVSS Score
5.5
EPSS Score
0.038
Published
2008-04-15
CVE-2007-4362
SQL injection vulnerability in category.php in Prozilla Webring allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVSS Score
6.8
EPSS Score
0.011
Published
2007-08-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved