Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-4365
Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in ScriptsEz Ez Blog 1.0 allow remote malicious users to hijack the authentication of administrators for requests that (1) add a blog via the add_blog action, (2) approve a comment via the approve_comment act...
Scriptsez Ez Blog 1.0
2 EDB exploits
4.3
CVSSv2
CVE-2009-4366
Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez Blog 1.0 allows remote malicious users to inject arbitrary web script or HTML via the yr parameter in a bmonth action.
Scriptsez Ez Blog 1.0
2 EDB exploits
NA
CVE-2021-46875
An issue exists in eZ Platform Ibexa Kernel prior to 1.3.1.1. An XSS attack can occur because JavaScript code can be uploaded in a .html or .js file.
Ibexa Ez Platform Kernel
4.3
CVSSv2
CVE-2009-0532
Cross-site scripting (XSS) vulnerability in password.php in Scripts For Sites (SFS) EZ Baby allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly involving the u2 parameter. NOTE: the provenance of this information is unknown; the ...
Scripts-for-sites Ez Baby -
4.3
CVSSv2
CVE-2009-0533
Cross-site scripting (XSS) vulnerability in password.php in Scripts for Sites EZ Reminder allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly involving the u2 parameter. NOTE: the provenance of this information is unknown; the de...
Scripts-for-sites Ez Reminder -
7.5
CVSSv2
CVE-2008-6780
SQL injection vulnerability in directory.php in Scripts for Sites (SFS) SFS EZ Affiliate allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter in a list action.
Scripts-for-sites Ez Affiliate
1 EDB exploit
7.5
CVSSv2
CVE-2008-6246
SQL injection vulnerability in category.php in Scripts For Sites (SFS) EZ Webring allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Scripts-for-sites Ez Webring -
1 EDB exploit
NA
CVE-2015-10071
A vulnerability was found in gitter-badger ezpublish-modern-legacy. It has been rated as problematic. This issue affects some unknown processing of the file kernel/user/forgotpassword.php. The manipulation leads to weak password recovery. The complexity of an attack is rather hig...
Gitter Ez Publish Modern Legacy
7.5
CVSSv2
CVE-2005-3845
SQL injection vulnerability in invoices.php in EZ Invoice Inc 2.0 allows remote malicious users to execute arbitrary SQL commands via the i parameter. NOTE: the vendor has stated "EZ Invoice, Inc has a patah available. Please email support@ezinvoiceinc.com and EZI will email...
Ezinvoiceinc Ez Invoice Inc 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6867
SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote malicious users to execute arbitrary SQL commands via the topic parameter.
Scripts For Sites Ez Career
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »