Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4801
EZ-Blog Beta 1 does not require authentication, which allows remote malicious users to create or delete arbitrary posts via requests to PHP scripts.
Will Kraft Ez-blog -
1 EDB exploit
NA
CVE-2009-4805
Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the storyid parameter to public/view.php or (2) the kill parameter to admin/remove.php.
Will Kraft Ez-blog -
1 EDB exploit
NA
CVE-2008-6112
Multiple directory traversal vulnerabilities in Ez Ringtone Manager allow remote malicious users to read arbitrary files via a .. (dot dot) in the id parameter in a detail action to (1) main.php and (2) template.php in ringtones/.
Scriptsez Ez Ringtone Manager -
1 EDB exploit
7.5
CVSSv3
CVE-2015-10071
A vulnerability was found in gitter-badger ezpublish-modern-legacy. It has been rated as problematic. This issue affects some unknown processing of the file kernel/user/forgotpassword.php. The manipulation leads to weak password recovery. The complexity of an attack is rather hig...
Gitter Ez Publish Modern Legacy
NA
CVE-2005-3845
SQL injection vulnerability in invoices.php in EZ Invoice Inc 2.0 allows remote malicious users to execute arbitrary SQL commands via the i parameter. NOTE: the vendor has stated "EZ Invoice, Inc has a patah available. Please email support@ezinvoiceinc.com and EZI will email...
Ezinvoiceinc Ez Invoice Inc 2.0
1 EDB exploit
NA
CVE-2009-0532
Cross-site scripting (XSS) vulnerability in password.php in Scripts For Sites (SFS) EZ Baby allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly involving the u2 parameter. NOTE: the provenance of this information is unknown; the ...
Scripts-for-sites Ez Baby -
NA
CVE-2009-0533
Cross-site scripting (XSS) vulnerability in password.php in Scripts for Sites EZ Reminder allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly involving the u2 parameter. NOTE: the provenance of this information is unknown; the de...
Scripts-for-sites Ez Reminder -
NA
CVE-2008-6778
SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Scripts-for-sites Ez Auction
1 EDB exploit
NA
CVE-2008-6780
SQL injection vulnerability in directory.php in Scripts for Sites (SFS) SFS EZ Affiliate allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter in a list action.
Scripts-for-sites Ez Affiliate
1 EDB exploit
NA
CVE-2008-6867
SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote malicious users to execute arbitrary SQL commands via the topic parameter.
Scripts For Sites Ez Career
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »