CVE-2005-2616 Information

Description

Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote attackers to execute arbitrary code via the path parameter to (1) initialize.php (2) customize.php (3) form.php or (4) index.php.

Reference

http://packetstorm.linuxsecurity.com/0508-exploits/ezuploadRemote.txt http://secunia.com/advisories/16434 http://securitytracker.com/id?1014723 http://www.securiteam.com/exploits/5JP0J15GKU.html http://www.securityfocus.com/bid/14534 http://www.vupen.com/english/advisories/2005/1379