Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2006-3004
Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone Manager allow remote malicious users to inject arbitrary web script or HTML via the (1) id parameter in player.php and (2) keyword parameter when performing a search.
Scriptsez Ez Ringtone Manager
NA
CVE-2021-46876
An issue exists in eZ Publish Ibexa Kernel prior to 7.5.15.1. The /user/sessions endpoint can be abused to determine account existence.
Ibexa Ez Platform Kernel
5
CVSSv2
CVE-2002-1818
ezhttpbench.php in eZ httpbench 1.1 allows remote malicious users to read arbitrary files via a full pathname in the AnalyseSite parameter.
Ez Systems Httpbench 1.1
1 EDB exploit
NA
CVE-2023-2521
A vulnerability was found in NEXTU NEXT-7004N 3.0.1. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formFilter of the component POST Request Handler. The manipulation of the argument url with the input <svg onload=alert(1337)> lea...
Ez-net Next-7004n Firmware 3.0.1
7.5
CVSSv2
CVE-2008-6780
SQL injection vulnerability in directory.php in Scripts for Sites (SFS) SFS EZ Affiliate allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter in a list action.
Scripts-for-sites Ez Affiliate
1 EDB exploit
7.5
CVSSv2
CVE-2008-6867
SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote malicious users to execute arbitrary SQL commands via the topic parameter.
Scripts For Sites Ez Career
1 EDB exploit
4.3
CVSSv2
CVE-2009-0532
Cross-site scripting (XSS) vulnerability in password.php in Scripts For Sites (SFS) EZ Baby allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly involving the u2 parameter. NOTE: the provenance of this information is unknown; the ...
Scripts-for-sites Ez Baby -
7.5
CVSSv2
CVE-2008-6778
SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Scripts-for-sites Ez Auction
1 EDB exploit
7.5
CVSSv2
CVE-2008-6246
SQL injection vulnerability in category.php in Scripts For Sites (SFS) EZ Webring allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Scripts-for-sites Ez Webring -
1 EDB exploit
7.5
CVSSv2
CVE-2005-3845
SQL injection vulnerability in invoices.php in EZ Invoice Inc 2.0 allows remote malicious users to execute arbitrary SQL commands via the i parameter. NOTE: the vendor has stated "EZ Invoice, Inc has a patah available. Please email support@ezinvoiceinc.com and EZI will email...
Ezinvoiceinc Ez Invoice Inc 2.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »