Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2007-4493
eZ publish prior to 3.8.9, and 3.9 prior to 3.9.3, does not properly check permissions on module views that lack a policy function, which has unknown impact and attack vectors, as demonstrated by a vulnerability in the discount functionality in the shop module.
Ez Ez Publish 3.9.0
Ez Ez Publish 3.9.1
Ez Ez Publish
Ez Ez Publish 3.9.2
3.5
CVSSv2
CVE-2005-4855
Unrestricted file upload vulnerability in eZ publish 3.5 prior to 3.5.5, 3.6 prior to 3.6.2, 3.7 prior to 3.7.0rc2, and 3.8 prior to 20050922 does not restrict Image datatype uploads to image content types, which allows remote authenticated users to upload certain types of files,...
Ez Ez Publish
Ez Ez Publish 3.7.0
Ez Ez Publish 3.8.0
6.8
CVSSv2
CVE-2012-4053
Cross-site request forgery (CSRF) vulnerability in eZOE flash player in eZ Publish 4.1 up to and including 4.6 allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Ez Ez Publish 4.1.0
Ez Ez Publish 4.2.0
Ez Ez Publish 4.3.0
7.5
CVSSv2
CVE-2020-10806
eZ Publish Kernel prior to 5.4.14.1, 6.x prior to 6.13.6.2, and 7.x prior to 7.5.6.2 and eZ Publish Legacy prior to 5.4.14.1, 2017 prior to 2017.12.7.2, and 2019 prior to 2019.03.4.2 allow remote malicious users to execute arbitrary code by uploading PHP code, unless the vhost co...
Ez Ez Publish-kernel
Ez Ez Publish-legacy
7.2
CVSSv2
CVE-2004-1149
Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with insecure permissions (ACLs), which allows local users to gain privileges by replacing critical programs with malicious ones, as demonstrated using VetMsg.exe.
Broadcom Etrust Ez Antivirus 7.0
Broadcom Etrust Ez Antivirus 7.0.1
Broadcom Etrust Ez Antivirus 7.0.4
Broadcom Etrust Ez Antivirus 7.0.2.1
Broadcom Etrust Ez Antivirus 7.0.3
Broadcom Etrust Ez Antivirus 7.0.1.1
Broadcom Etrust Ez Antivirus 7.0.1.2
Broadcom Etrust Ez Antivirus 7.0.1.3
Broadcom Etrust Ez Antivirus 7.0.1.4
Broadcom Etrust Ez Antivirus 7.0.2
4
CVSSv2
CVE-2006-7219
eZ publish prior to 3.8.5 does not properly enforce permissions for editing in a specific language, which allows remote authenticated users to create a draft in an unauthorized language by editing an archived version of an object, and then using Manage Versions to copy this versi...
Ez Ez Publish
4
CVSSv2
CVE-2005-4851
eZ publish 3.4.4 up to and including 3.7 prior to 20050722 applies certain permissions on the node level, which allows remote authenticated users to bypass the original permissions on embedded objects in XML fields and read these objects.
Ez Ez Publish
4.3
CVSSv2
CVE-2017-1000431
eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is vulnerable to an XSS issue in the search module, resulting in a risk of attackers injecting scripts which may e.g. steal authentication credentials.
Ez Ez Publish
5
CVSSv2
CVE-2005-4850
eZ publish 3.5 up to and including 3.7 prior to 20050608 requires both edit and create permissions in order to submit data, which allows remote malicious users to edit data submitted by arbitrary anonymous users.
Ez Ez Publish
5
CVSSv2
CVE-2005-4852
The siteaccess URIMatching implementation in eZ publish 3.5 up to and including 3.8 prior to 20050812 converts all non-alphanumeric characters in a URI to '_' (underscore), which allows remote malicious users to bypass access restrictions by inserting certain characters...
Ez Ez Publish
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »