CVE-2006-0315

Name of the Vulnerable Software and Affected Versions EZDatabase versions prior to 2.1.2

Description The issue arises from improper cleansing of the p parameter in index.php, allowing remote attackers to conduct directory traversal attacks. This results in cross-site scripting (XSS) and path disclosure.

Recommendations For versions prior to 2.1.2, update to version 2.1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the index.php file to minimize the risk of exploitation. Avoid using the p parameter in the affected endpoint until the issue is resolved.