Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-12139
An XSS issue exists in the Admin UI in eZ Platform 2.x. This affects ezplatform-admin-ui 1.3.x prior to 1.3.5 and 1.4.x prior to 1.4.4, and ezplatform-page-builder 1.1.x prior to 1.1.5 and 1.2.x prior to 1.2.4.
Ez Ezplatform-admin-ui
Ez Ezplatform-page-builder
2.1
CVSSv2
CVE-2003-0887
ez-ipupdate 3.0.11b7 and previous versions creates insecure temporary cache files, which allows local users to conduct unauthorized operations via a symlink attack on the ez-ipupdate.cache file.
Angus Mackay Ez-ipupdate 3.0.11b5
Angus Mackay Ez-ipupdate 3.0.11b7
NA
CVE-2022-48365
An issue exists in eZ Platform Ibexa Kernel prior to 1.3.26. The Company admin role gives excessive privileges.
Ibexa Digital Experience Platform
Ibexa Ez Platform Kernel
Ibexa Ez Platform
4.3
CVSSv2
CVE-2009-4364
Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez Blog allows remote malicious users to inject arbitrary web script or HTML via the cname parameter, related to the act and id parameters. NOTE: the provenance of this information is unknown; the details are obta...
Scriptsez Ez Blog
2 EDB exploits
4.3
CVSSv2
CVE-2009-4317
Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez Cart allows remote malicious users to inject arbitrary web script or HTML via the sid parameter in a showcat action.
Scriptsez Ez Cart
7.5
CVSSv2
CVE-2012-0983
SQL injection vulnerability in Scriptsez.net Ez Album allows remote malicious users to execute arbitrary SQL commands via the id parameter in a view action to index.php.
Scriptsez Ez Album -
1 EDB exploit
10
CVSSv2
CVE-2004-0980
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 up to and including 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.
Angus Mackay Ez-ipupdate 3.0.11b5
Angus Mackay Ez-ipupdate 3.0.11b8
Debian Debian Linux 3.0
Gentoo Linux
4.3
CVSSv2
CVE-2022-25336
Ibexa DXP ezsystems/ezpublish-kernel 7.5.x prior to 7.5.26 and 1.3.x prior to 1.3.12 allows Insecure Direct Object Reference (IDOR) attacks against image files because the image path and filename can be correctly deduced.
Ibexa Ez Platform Kernel
6.8
CVSSv2
CVE-2022-25337
Ibexa DXP ezsystems/ezpublish-kernel 7.5.x prior to 7.5.26 and 1.3.x prior to 1.3.12 allows injection attacks via image filenames.
Ibexa Ez Platform Kernel
NA
CVE-2021-46875
An issue exists in eZ Platform Ibexa Kernel prior to 1.3.1.1. An XSS attack can occur because JavaScript code can be uploaded in a .html or .js file.
Ibexa Ez Platform Kernel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »