{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T00:54:55.510","vulnerabilities":[{"cve":{"id":"CVE-2007-4262","sourceIdentifier":"cve@mitre.org","published":"2007-08-08T23:17:00.000","lastModified":"2025-04-09T00:30:58.490","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP code under OnlineViewing/galleries/."},{"lang":"es","value":"Vulnerabilidad de envío de archivo no restringido en EZPhotoSales 1.9.3 y anteriores permite a administradores autenticados remotamente enviar y ejecutar código PHP de su elección bajo OnlineViewing/galleries/."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:C/I:C/A:C","baseScore":8.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":6.8,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ez_photo_sales:ez_photo_sales:*:*:*:*:*:*:*:*","versionEndIncluding":"1.9.3","matchCriteriaId":"33F5E844-573E-44B7-9A58-83B4D44CCCDC"}]}]}],"references":[{"url":"http://secunia.com/advisories/26341","source":"cve@mitre.org"},{"url":"http://securityreason.com/securityalert/2985","source":"cve@mitre.org"},{"url":"http://www.airscanner.com/security/07080601_ezphotosales.htm","source":"cve@mitre.org"},{"url":"http://www.informit.com/guides/content.asp?g=security&seqNum=267","source":"cve@mitre.org"},{"url":"http://www.informit.com/guides/content.asp?g=security&seqNum=268","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/475678/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/25323","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/26341","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://securityreason.com/securityalert/2985","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.airscanner.com/security/07080601_ezphotosales.htm","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.informit.com/guides/content.asp?g=security&seqNum=267","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.informit.com/guides/content.asp?g=security&seqNum=268","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/archive/1/475678/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/25323","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}