E-Journal version 1.0 suffers from remote shell upload, privilege escalation, and remote SQL injection vulnerabilities.