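Aggregated CVE and security vulnerability intelligence for all prozilla-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include SQL injection and input validation issues, which in software deployment and production workload scenarios may lead to risks such as data leakage and abnormal behavior.
The vulnerability data comes mainly from public vulnerability disclosures and security advisories, and can be used to assess historical vulnerability exposure and patching priority.

| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |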
|---|---|---|---|---|---|---|
| CVE-2008-6115 | SQL injection vulnerability in directory.php in Prozilla Hosting Index allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action, a different vector than CVE-2008-2083. | [email protected] | 7.5 | 1.14% | 2009-02-11 | 2026-06-16 |
| CVE-2008-2083 | SQL injection vulnerability in directory.php in Prozilla Hosting Index, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | [email protected] | 6.8 | 1.11% | 2008-05-05 | 2026-06-16 |
| CVE-2008-1864 | SQL injection vulnerability in project.php in Prozilla Freelancers allows remote attackers to execute arbitrary SQL commands via the project parameter. | [email protected] | 7.5 | 1.01% | 2008-04-17 | 2026-06-16 |
| CVE-2008-1863 | SQL injection vulnerability in view_reviews.php in Prozilla Cheat Script (aka Cheats) 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | [email protected] | 7.5 | 2.08% | 2008-04-17 | 2026-06-16 |
| CVE-2008-1789 | SQL injection vulnerability in forum.php in Prozilla Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter. | [email protected] | 6.8 | 0.91% | 2008-04-15 | 2026-06-16 |
| CVE-2008-1788 | SQL injection vulnerability in directory.php in Prozilla Entertainers 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: some of these details are obtained from third party information. | [email protected] | 7.5 | 0.93% | 2008-04-15 | 2026-06-16 |
| CVE-2008-1785 | delete.php in Prozilla Top 100 1.2 allows remote authenticated users to delete statistics and accounts of arbitrary users via a modified s parameter. | [email protected] | 5.5 | 1.97% | 2008-04-15 | 2026-06-16 |
| CVE-2008-1784 | Prozilla Topsites 1.0 allows remote attackers to perform administrative actions via a direct request to (1) addu.php, (2) editu.php, and (3) uidx.php in siteadmin/. | [email protected] | 7.5 | 2.52% | 2008-04-15 | 2026-06-16 |
| CVE-2008-1783 | Prozilla Reviews 1.0 allows remote attackers to delete arbitrary users via a modified UserID parameter in a direct request to siteadmin/DeleteUser.php. | [email protected] | 6.4 | 2.27% | 2008-04-15 | 2026-06-16 |
| CVE-2007-4362 | SQL injection vulnerability in category.php in Prozilla Webring allows remote attackers to execute arbitrary SQL commands via the cat parameter. | [email protected] | 6.8 | 1.15% | 2007-08-15 | 2026-06-16 |
| CVE-2007-4258 | SQL injection vulnerability in directory.php in Prozilla Pub Site Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter. | [email protected] | 7.5 | 0.95% | 2007-08-08 | 2026-06-16 |
| CVE-2007-3809 | Multiple SQL injection vulnerabilities in Prozilla Directory Script allow remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action to directory.php, and other unspecified vectors. | [email protected] | 7.5 | 1.03% | 2007-07-16 | 2026-06-16 |
| CVE-2005-2961 | Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an <A> tag. | [email protected] | 7.5 | 8.62% | 2005-10-05 | 2026-06-16 |
| CVE-2005-0523 | Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header. | [email protected] | 7.5 | 9.87% | 2005-05-02 | 2026-06-16 |
| CVE-2004-1120 | Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header. | [email protected] | 10.0 | 14.64% | 2005-01-10 | 2026-06-16 |