Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez ez publish 3.7.0 vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2005-4855
Unrestricted file upload vulnerability in eZ publish 3.5 prior to 3.5.5, 3.6 prior to 3.6.2, 3.7 prior to 3.7.0rc2, and 3.8 prior to 20050922 does not restrict Image datatype uploads to image content types, which allows remote authenticated users to upload certain types of files,...
Ez Ez Publish
Ez Ez Publish 3.7.0
Ez Ez Publish 3.8.0
445
VMScore
CVE-2005-4856
The admin interface in eZ publish 3.5 prior to 3.5.7, 3.6 prior to 3.6.5, 3.7 prior to 3.7.3, and 3.8 prior to 20051110 does not properly handle authorization errors, which allows remote malicious users to obtain sensitive information and see the admin pagelayout and associated t...
Ez Ez Publish 3.5.0
Ez Ez Publish 3.5.1
Ez Ez Publish 3.7.2
Ez Ez Publish
Ez Ez Publish 3.5.6
Ez Ez Publish 3.6.0
Ez Ez Publish 3.6.1
Ez Ez Publish 3.6.2
Ez Ez Publish 3.5.3
Ez Ez Publish 3.5.5
Ez Ez Publish 3.6.3
Ez Ez Publish 3.7.0
Ez Ez Publish 3.5.2
Ez Ez Publish 3.5.4
Ez Ez Publish 3.6.4
Ez Ez Publish 3.7.1
356
VMScore
CVE-2005-4857
eZ publish 3.5 prior to 3.5.7, 3.6 prior to 3.6.5, 3.7 prior to 3.7.3, and 3.8 prior to 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request to content/advancedsearch.php with an empty SearchContentClassID paramet...
Ez Ez Publish 3.5.0
Ez Ez Publish 3.5.1
Ez Ez Publish 3.7.2
Ez Ez Publish
Ez Ez Publish 3.5.6
Ez Ez Publish 3.6.0
Ez Ez Publish 3.6.1
Ez Ez Publish 3.6.2
Ez Ez Publish 3.5.2
Ez Ez Publish 3.5.4
Ez Ez Publish 3.6.4
Ez Ez Publish 3.7.1
Ez Ez Publish 3.5.3
Ez Ez Publish 3.5.5
Ez Ez Publish 3.6.3
Ez Ez Publish 3.7.0
383
VMScore
CVE-2006-0938
Cross-site scripting (XSS) vulnerability in eZ publish 3.7.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the RefererURL parameter.
Ez Ez Publish 3.5.5
Ez Ez Publish 3.5.6
Ez Ez Publish 3.5.7
Ez Ez Publish 3.6.5
Ez Ez Publish 3.7.0
Ez Ez Publish 3.6.1
Ez Ez Publish 3.6.2
Ez Ez Publish
Ez Ez Publish 3.5.8
Ez Ez Publish 3.6.0
Ez Ez Publish 3.7.1
Ez Ez Publish 3.7.2
Ez Ez Publish 3.4.8
Ez Ez Publish 3.5.4
Ez Ez Publish 3.6.3
Ez Ez Publish 3.6.4
383
VMScore
CVE-2010-2671
Cross-site scripting (XSS) vulnerability in advancedsearch.php in eZ Publish 3.7.0 up to and including 4.2.0 allows remote malicious users to inject arbitrary web script or HTML via the subTreeItem parameter.
Ez Ez Publish 3.7.6
Ez Ez Publish 3.7.7
Ez Ez Publish 3.7.8
Ez Ez Publish 3.7.9
Ez Ez Publish 3.7.0
Ez Ez Publish 3.7.4
Ez Ez Publish 3.7.11
Ez Ez Publish 4.2.0
Ez Ez Publish 3.7.1
Ez Ez Publish 3.7.2
Ez Ez Publish 3.7.3
Ez Ez Publish 3.7.5
Ez Ez Publish 3.7.10
Ez Ez Publish 3.7.12
668
VMScore
CVE-2010-2672
Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 up to and including 4.2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) SectionID and (2) SearchTimestamp parameters to the search feature and the (3) SearchContentClassAttributeID parameter t...
Ez Ez Publish 3.7.0
Ez Ez Publish 3.7.3
Ez Ez Publish 3.7.4
Ez Ez Publish 3.7.6
Ez Ez Publish 4.2.0
Ez Ez Publish 3.7.2
Ez Ez Publish 3.7.8
Ez Ez Publish 3.7.9
Ez Ez Publish 3.7.10
Ez Ez Publish 3.7.11
Ez Ez Publish 3.7.5
Ez Ez Publish 3.7.7
Ez Ez Publish 3.7.12
Ez Ez Publish 3.7.1
755
VMScore
CVE-2008-6844
The registration view (/user/register) in eZ Publish 3.5.6 and previous versions, and possibly other versions prior to 3.9.5, 3.10.1, and 4.0.1, allows remote malicious users to gain privileges as other users via modified ContentObjectAttribute_data_user_login_30, ContentObjectAt...
Ez Ez Publish 3.4.8
Ez Ez Publish 3.5.4
Ez Ez Publish 3.5.5
Ez Ez Publish 3.6.5
Ez Ez Publish 3.6.2
Ez Ez Publish 3.8.9
Ez Ez Publish 3.9.4
Ez Ez Publish 3.10
Ez Ez Publish 3.9.2
Ez Ez Publish 3.6.1
Ez Ez Publish 3.5.7
Ez Ez Publish 3.7.3
Ez Ez Publish 3.7.0
Ez Ez Publish 4.0
Ez Ez Publish 3.8.8
Ez Ez Publish 3.6.0
Ez Ez Publish 3.6.3
Ez Ez Publish 3.7.2
Ez Ez Publish 3.9.1
Ez Ez Publish
Ez Ez Publish 3.5.8
Ez Ez Publish 3.6.4
1 EDB exploit
445
VMScore
CVE-2005-4854
eZ publish 3.5 up to and including 3.7 prior to 20050830 does not use a folder's read permissions to restrict notifications, which allows remote authenticated users to obtain sensitive information about changes to content in arbitrary folders.
Ez Ez Publish 3.5.2
Ez Ez Publish 3.5.3
Ez Ez Publish 3.5.4
Ez Ez Publish 3.5.5
Ez Ez Publish 3.6.6
Ez Ez Publish 3.6.7
Ez Ez Publish 3.6.8
Ez Ez Publish 3.6.9
Ez Ez Publish 3.6.1
Ez Ez Publish 3.6.10
Ez Ez Publish 3.6.11
Ez Ez Publish 3.6.12
Ez Ez Publish 3.7.12
Ez Ez Publish 3.7.2
Ez Ez Publish 3.7.3
Ez Ez Publish 3.7.4
Ez Ez Publish 3.5.1
Ez Ez Publish 3.5.11
Ez Ez Publish 3.5.6
Ez Ez Publish 3.5.8
Ez Ez Publish 3.6.0
Ez Ez Publish 3.6.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started