Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2006-7218
eZ publish prior to 3.8.1 does not properly enforce permissions for "content edit Language" when there are four or more languages, which allows remote authenticated users to perform translations into languages that are not listed in a Module Function Limitation policy.
Ez Ez Publish
6.8
CVSSv2
CVE-2003-0310
Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote malicious users to insert arbitrary web script.
Ez Ez Publish 2.2
1 EDB exploit
7.5
CVSSv2
CVE-2006-5523
PHP remote file inclusion vulnerability in common.php in EZ-Ticket 0.0.1 allows remote malicious users to execute arbitrary PHP code via a URL in the ezt_root_path parameter.
Ez-ticket Ez-ticket 0.0.1
1 EDB exploit
2.6
CVSSv2
CVE-2012-1597
Cross-site scripting (XSS) vulnerability in the textEncode function in classes/ezjscajaxcontent.php in eZ JS Core in eZ Publish prior to 1.5 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ez Ezjscore 1.0
Ez Ezjscore
1 EDB exploit
4.3
CVSSv2
CVE-2022-23397
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im ...
Cedargate Ez-net Portal 6.8.0
Cedargate Ez-net Portal 6.5.5
Cedargate Ez-net Portal 6.6.3
Cedargate Ez-net Portal 6.7.0
5
CVSSv2
CVE-2007-4260
EZPhotoSales 1.9.3 and previous versions has a default "admin" account for galleries, which allows remote malicious users to access arbitrary galleries by specifying this username.
Ez Photo Sales Ez Photo Sales
8.5
CVSSv2
CVE-2007-4262
Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and previous versions allows remote authenticated administrators to upload and execute arbitrary PHP code under OnlineViewing/galleries/.
Ez Photo Sales Ez Photo Sales
5
CVSSv2
CVE-2007-4259
EZPhotoSales 1.9.3 and previous versions allows remote malicious users to download arbitrary image files via (1) a direct request for a URL under OnlineViewing/galleries/ or (2) navigation of the gallery user interface with JavaScript disabled.
Ez Photo Sales Ez Photo Sales 1.9.3
7.5
CVSSv2
CVE-2007-4261
EZPhotoSales 1.9.3 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download (1) a file containing cleartext passwords via a direct request for OnlineViewing/data/galleries.txt, or (2) a...
Ez Photo Sales Ez Photo Sales 1.9.3
4.3
CVSSv2
CVE-2019-12139
An XSS issue exists in the Admin UI in eZ Platform 2.x. This affects ezplatform-admin-ui 1.3.x prior to 1.3.5 and 1.4.x prior to 1.4.4, and ezplatform-page-builder 1.1.x prior to 1.1.5 and 1.2.x prior to 1.2.4.
Ez Ezplatform-admin-ui
Ez Ezplatform-page-builder
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »