Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez ez publish 3.7.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-4855
Unrestricted file upload vulnerability in eZ publish 3.5 prior to 3.5.5, 3.6 prior to 3.6.2, 3.7 prior to 3.7.0rc2, and 3.8 prior to 20050922 does not restrict Image datatype uploads to image content types, which allows remote authenticated users to upload certain types of files,...
Ez Ez Publish
Ez Ez Publish 3.7.0
Ez Ez Publish 3.8.0
NA
CVE-2005-4856
The admin interface in eZ publish 3.5 prior to 3.5.7, 3.6 prior to 3.6.5, 3.7 prior to 3.7.3, and 3.8 prior to 20051110 does not properly handle authorization errors, which allows remote malicious users to obtain sensitive information and see the admin pagelayout and associated t...
Ez Ez Publish 3.6.3
Ez Ez Publish 3.6.1
Ez Ez Publish 3.5.2
Ez Ez Publish 3.6.4
Ez Ez Publish 3.7.1
Ez Ez Publish 3.6.0
Ez Ez Publish 3.5.0
Ez Ez Publish 3.5.3
Ez Ez Publish 3.5.5
Ez Ez Publish 3.5.4
Ez Ez Publish
Ez Ez Publish 3.7.2
Ez Ez Publish 3.5.1
Ez Ez Publish 3.6.2
Ez Ez Publish 3.7.0
Ez Ez Publish 3.5.6
NA
CVE-2005-4857
eZ publish 3.5 prior to 3.5.7, 3.6 prior to 3.6.5, 3.7 prior to 3.7.3, and 3.8 prior to 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request to content/advancedsearch.php with an empty SearchContentClassID paramet...
Ez Ez Publish 3.6.3
Ez Ez Publish 3.6.1
Ez Ez Publish 3.5.2
Ez Ez Publish 3.6.4
Ez Ez Publish 3.7.1
Ez Ez Publish 3.6.0
Ez Ez Publish 3.5.0
Ez Ez Publish 3.5.3
Ez Ez Publish 3.5.5
Ez Ez Publish 3.5.4
Ez Ez Publish
Ez Ez Publish 3.7.2
Ez Ez Publish 3.5.1
Ez Ez Publish 3.6.2
Ez Ez Publish 3.7.0
Ez Ez Publish 3.5.6
NA
CVE-2006-0938
Cross-site scripting (XSS) vulnerability in eZ publish 3.7.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the RefererURL parameter.
Ez Ez Publish 3.6.3
Ez Ez Publish 3.6.1
Ez Ez Publish 3.5.8
Ez Ez Publish 3.6.4
Ez Ez Publish 3.7.1
Ez Ez Publish 3.6.0
Ez Ez Publish
Ez Ez Publish 3.4.8
Ez Ez Publish 3.5.7
Ez Ez Publish 3.5.5
Ez Ez Publish 3.5.4
Ez Ez Publish 3.7.2
Ez Ez Publish 3.6.5
Ez Ez Publish 3.6.2
Ez Ez Publish 3.7.0
Ez Ez Publish 3.5.6
NA
CVE-2010-2671
Cross-site scripting (XSS) vulnerability in advancedsearch.php in eZ Publish 3.7.0 up to and including 4.2.0 allows remote malicious users to inject arbitrary web script or HTML via the subTreeItem parameter.
Ez Ez Publish 3.7.11
Ez Ez Publish 3.7.4
Ez Ez Publish 3.7.12
Ez Ez Publish 3.7.7
Ez Ez Publish 3.7.9
Ez Ez Publish 3.7.1
Ez Ez Publish 4.2.0
Ez Ez Publish 3.7.10
Ez Ez Publish 3.7.8
Ez Ez Publish 3.7.3
Ez Ez Publish 3.7.6
Ez Ez Publish 3.7.2
Ez Ez Publish 3.7.0
Ez Ez Publish 3.7.5
NA
CVE-2010-2672
Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 up to and including 4.2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) SectionID and (2) SearchTimestamp parameters to the search feature and the (3) SearchContentClassAttributeID parameter t...
Ez Ez Publish 3.7.11
Ez Ez Publish 3.7.4
Ez Ez Publish 3.7.12
Ez Ez Publish 3.7.7
Ez Ez Publish 3.7.9
Ez Ez Publish 3.7.1
Ez Ez Publish 4.2.0
Ez Ez Publish 3.7.10
Ez Ez Publish 3.7.8
Ez Ez Publish 3.7.3
Ez Ez Publish 3.7.6
Ez Ez Publish 3.7.2
Ez Ez Publish 3.7.0
Ez Ez Publish 3.7.5
NA
CVE-2008-6844
The registration view (/user/register) in eZ Publish 3.5.6 and previous versions, and possibly other versions prior to 3.9.5, 3.10.1, and 4.0.1, allows remote malicious users to gain privileges as other users via modified ContentObjectAttribute_data_user_login_30, ContentObjectAt...
Ez Ez Publish 3.6.3
Ez Ez Publish 3.6.1
Ez Ez Publish 3.5.8
Ez Ez Publish 3.6.4
Ez Ez Publish 3.8.8
Ez Ez Publish 3.9.0
Ez Ez Publish 4.0
Ez Ez Publish 3.7.1
Ez Ez Publish 3.6.0
Ez Ez Publish 3.9.2
Ez Ez Publish 3.10
Ez Ez Publish 3.4.8
Ez Ez Publish 3.5.7
Ez Ez Publish 3.7.3
Ez Ez Publish 3.5.5
Ez Ez Publish
Ez Ez Publish 3.5.4
Ez Ez Publish 3.8.9
Ez Ez Publish 3.7.2
Ez Ez Publish 3.6.5
Ez Ez Publish 3.9.1
Ez Ez Publish 3.6.2
1 EDB exploit
NA
CVE-2005-4854
eZ publish 3.5 up to and including 3.7 prior to 20050830 does not use a folder's read permissions to restrict notifications, which allows remote authenticated users to obtain sensitive information about changes to content in arbitrary folders.
Ez Ez Publish 3.6.3
Ez Ez Publish 3.6.1
Ez Ez Publish 3.7.11
Ez Ez Publish 3.7.4
Ez Ez Publish 3.5.2
Ez Ez Publish 3.5.8
Ez Ez Publish 3.7.12
Ez Ez Publish 3.6.4
Ez Ez Publish 3.6.10
Ez Ez Publish 3.7.7
Ez Ez Publish 3.7.9
Ez Ez Publish 3.5.9
Ez Ez Publish 3.7.1
Ez Ez Publish 3.6.0
Ez Ez Publish 3.6.7
Ez Ez Publish 3.7.10
Ez Ez Publish 3.5.0
Ez Ez Publish 3.7.8
Ez Ez Publish 3.6.9
Ez Ez Publish 3.5.3
Ez Ez Publish 3.5.7
Ez Ez Publish 3.6.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started