Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1818
ezhttpbench.php in eZ httpbench 1.1 allows remote malicious users to read arbitrary files via a full pathname in the AnalyseSite parameter.
Ez Systems Httpbench 1.1
1 EDB exploit
NA
CVE-2006-3004
Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone Manager allow remote malicious users to inject arbitrary web script or HTML via the (1) id parameter in player.php and (2) keyword parameter when performing a search.
Scriptsez Ez Ringtone Manager
7.8
CVSSv3
CVE-2019-13518
An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the EZ Touch Editor Versions 2.1.0 and prior.
Ezautomation Ez Touch Editor
7.8
CVSSv3
CVE-2019-13522
An attacker could use a specially crafted project file to corrupt the memory and execute code under the privileges of the EZ PLC Editor Versions 1.8.41 and prior.
Ezautomation Ez Plc Editor
9.8
CVSSv3
CVE-2022-25337
Ibexa DXP ezsystems/ezpublish-kernel 7.5.x prior to 7.5.26 and 1.3.x prior to 1.3.12 allows injection attacks via image filenames.
Ibexa Ez Platform Kernel
NA
CVE-2009-4384
Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net Ez Poll Hoster (EPH) allow remote malicious users to inject arbitrary web script or HTML via the (1) pid parameter in a code action to index.php and the (2) uid parameter in a view action to profile.php.
Scriptsez Ez Poll Hoster
1 EDB exploit
NA
CVE-2009-4385
Multiple cross-site request forgery (CSRF) vulnerabilities in Scriptsez.net Ez Poll Hoster (EPH) allow remote malicious users to (1) hijack the authentication of arbitrary users for requests that delete polls via the delete_poll action to index.php; and hijack the authentication ...
Scriptsez Ez Poll Hoster
1 EDB exploit
5.3
CVSSv3
CVE-2021-46876
An issue exists in eZ Publish Ibexa Kernel prior to 7.5.15.1. The /user/sessions endpoint can be abused to determine account existence.
Ibexa Ez Platform Kernel
NA
CVE-2008-6112
Multiple directory traversal vulnerabilities in Ez Ringtone Manager allow remote malicious users to read arbitrary files via a .. (dot dot) in the id parameter in a detail action to (1) main.php and (2) template.php in ringtones/.
Scriptsez Ez Ringtone Manager -
1 EDB exploit
NA
CVE-2009-0762
Cross-site scripting (XSS) vulnerability in ScriptsEz Ez PHP Comment allows remote malicious users to inject arbitrary web script or HTML via the name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Scriptsez Ez Php Comment -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »