Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibexa kernel vulnerabilities and exploits
(subscribe to this query)
3.7
CVSSv3
CVE-2022-48366
An issue exists in eZ Platform Ibexa Kernel prior to 1.3.19. It allows determining account existence via a timing attack.
Ibexa Commerce
Ibexa Jmspaymentcorebundle
Ibexa Ezplatform-page-builder
Ibexa Ez Platform Kernel
Ibexa Digital Experience Platform
Ibexa Ez Platform
Ibexa Kernel
9.8
CVSSv3
CVE-2022-48367
An issue exists in eZ Publish Ibexa Kernel prior to 7.5.28. Access control based on object state is mishandled.
Ibexa Kernel
Ibexa Digital Experience Platform
Ibexa Ez Platform Kernel
Ibexa Fastly
Ibexa Ezplatform-http-cache-fastly
7.2
CVSSv3
CVE-2022-48365
An issue exists in eZ Platform Ibexa Kernel prior to 1.3.26. The Company admin role gives excessive privileges.
Ibexa Digital Experience Platform
Ibexa Ez Platform Kernel
Ibexa Ez Platform
9.8
CVSSv3
CVE-2022-25337
Ibexa DXP ezsystems/ezpublish-kernel 7.5.x prior to 7.5.26 and 1.3.x prior to 1.3.12 allows injection attacks via image filenames.
Ibexa Ez Platform Kernel
5.3
CVSSv3
CVE-2022-25336
Ibexa DXP ezsystems/ezpublish-kernel 7.5.x prior to 7.5.26 and 1.3.x prior to 1.3.12 allows Insecure Direct Object Reference (IDOR) attacks against image files because the image path and filename can be correctly deduced.
Ibexa Ez Platform Kernel
5.3
CVSSv3
CVE-2021-46876
An issue exists in eZ Publish Ibexa Kernel prior to 7.5.15.1. The /user/sessions endpoint can be abused to determine account existence.
Ibexa Ez Platform Kernel
6.1
CVSSv3
CVE-2021-46875
An issue exists in eZ Platform Ibexa Kernel prior to 1.3.1.1. An XSS attack can occur because JavaScript code can be uploaded in a .html or .js file.
Ibexa Ez Platform Kernel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started