Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2017-1000431
eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is vulnerable to an XSS issue in the search module, resulting in a risk of attackers injecting scripts which may e.g. steal authentication credentials.
Ez Ez Publish
685
VMScore
CVE-2003-0310
Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote malicious users to insert arbitrary web script.
Ez Ez Publish 2.2
1 EDB exploit
755
VMScore
CVE-2006-5523
PHP remote file inclusion vulnerability in common.php in EZ-Ticket 0.0.1 allows remote malicious users to execute arbitrary PHP code via a URL in the ezt_root_path parameter.
Ez-ticket Ez-ticket 0.0.1
1 EDB exploit
265
VMScore
CVE-2012-1597
Cross-site scripting (XSS) vulnerability in the textEncode function in classes/ezjscajaxcontent.php in eZ JS Core in eZ Publish prior to 1.5 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ez Ezjscore 1.0
Ez Ezjscore
1 EDB exploit
384
VMScore
CVE-2022-23397
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im ...
Cedargate Ez-net Portal 6.8.0
Cedargate Ez-net Portal 6.5.5
Cedargate Ez-net Portal 6.6.3
Cedargate Ez-net Portal 6.7.0
445
VMScore
CVE-2007-4260
EZPhotoSales 1.9.3 and previous versions has a default "admin" account for galleries, which allows remote malicious users to access arbitrary galleries by specifying this username.
Ez Photo Sales Ez Photo Sales
756
VMScore
CVE-2007-4262
Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and previous versions allows remote authenticated administrators to upload and execute arbitrary PHP code under OnlineViewing/galleries/.
Ez Photo Sales Ez Photo Sales
445
VMScore
CVE-2007-4259
EZPhotoSales 1.9.3 and previous versions allows remote malicious users to download arbitrary image files via (1) a direct request for a URL under OnlineViewing/galleries/ or (2) navigation of the gallery user interface with JavaScript disabled.
Ez Photo Sales Ez Photo Sales 1.9.3
668
VMScore
CVE-2007-4261
EZPhotoSales 1.9.3 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download (1) a file containing cleartext passwords via a direct request for OnlineViewing/data/galleries.txt, or (2) a...
Ez Photo Sales Ez Photo Sales 1.9.3
383
VMScore
CVE-2019-12139
An XSS issue exists in the Admin UI in eZ Platform 2.x. This affects ezplatform-admin-ui 1.3.x prior to 1.3.5 and 1.4.x prior to 1.4.4, and ezplatform-page-builder 1.1.x prior to 1.1.5 and 1.2.x prior to 1.2.4.
Ez Ezplatform-admin-ui
Ez Ezplatform-page-builder
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »