Easy News Pro version 1.5 suffers from bypass, arbitrary file upload, and remote SQL injection vulnerabilities.