Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-7219
eZ publish prior to 3.8.5 does not properly enforce permissions for editing in a specific language, which allows remote authenticated users to create a draft in an unauthorized language by editing an archived version of an object, and then using Manage Versions to copy this versi...
Ez Ez Publish
NA
CVE-2003-0310
Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote malicious users to insert arbitrary web script.
Ez Ez Publish 2.2
1 EDB exploit
6.1
CVSSv3
CVE-2022-23397
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im ...
Cedargate Ez-net Portal 6.8.0
Cedargate Ez-net Portal 6.5.5
Cedargate Ez-net Portal 6.6.3
Cedargate Ez-net Portal 6.7.0
NA
CVE-2012-1597
Cross-site scripting (XSS) vulnerability in the textEncode function in classes/ezjscajaxcontent.php in eZ JS Core in eZ Publish prior to 1.5 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ez Ezjscore 1.0
Ez Ezjscore
1 EDB exploit
NA
CVE-2006-5523
PHP remote file inclusion vulnerability in common.php in EZ-Ticket 0.0.1 allows remote malicious users to execute arbitrary PHP code via a URL in the ezt_root_path parameter.
Ez-ticket Ez-ticket 0.0.1
1 EDB exploit
NA
CVE-2007-4260
EZPhotoSales 1.9.3 and previous versions has a default "admin" account for galleries, which allows remote malicious users to access arbitrary galleries by specifying this username.
Ez Photo Sales Ez Photo Sales
NA
CVE-2007-4262
Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and previous versions allows remote authenticated administrators to upload and execute arbitrary PHP code under OnlineViewing/galleries/.
Ez Photo Sales Ez Photo Sales
NA
CVE-2007-4259
EZPhotoSales 1.9.3 and previous versions allows remote malicious users to download arbitrary image files via (1) a direct request for a URL under OnlineViewing/galleries/ or (2) navigation of the gallery user interface with JavaScript disabled.
Ez Photo Sales Ez Photo Sales 1.9.3
NA
CVE-2007-4261
EZPhotoSales 1.9.3 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download (1) a file containing cleartext passwords via a direct request for OnlineViewing/data/galleries.txt, or (2) a...
Ez Photo Sales Ez Photo Sales 1.9.3
NA
CVE-2009-1626
SQL injection vulnerability in public/specific.php in EZ-Blog before Beta 2 20090427, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the category parameter.
Will Kraft Ez-blog -
Will Kraft Ez-blog
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »