Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4493
eZ publish prior to 3.8.9, and 3.9 prior to 3.9.3, does not properly check permissions on module views that lack a policy function, which has unknown impact and attack vectors, as demonstrated by a vulnerability in the discount functionality in the shop module.
Ez Ez Publish 3.9.0
Ez Ez Publish 3.9.1
Ez Ez Publish
Ez Ez Publish 3.9.2
NA
CVE-2005-4855
Unrestricted file upload vulnerability in eZ publish 3.5 prior to 3.5.5, 3.6 prior to 3.6.2, 3.7 prior to 3.7.0rc2, and 3.8 prior to 20050922 does not restrict Image datatype uploads to image content types, which allows remote authenticated users to upload certain types of files,...
Ez Ez Publish
Ez Ez Publish 3.7.0
Ez Ez Publish 3.8.0
NA
CVE-2012-4053
Cross-site request forgery (CSRF) vulnerability in eZOE flash player in eZ Publish 4.1 up to and including 4.6 allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Ez Ez Publish 4.1.0
Ez Ez Publish 4.2.0
Ez Ez Publish 4.3.0
9.8
CVSSv3
CVE-2020-10806
eZ Publish Kernel prior to 5.4.14.1, 6.x prior to 6.13.6.2, and 7.x prior to 7.5.6.2 and eZ Publish Legacy prior to 5.4.14.1, 2017 prior to 2017.12.7.2, and 2019 prior to 2019.03.4.2 allow remote malicious users to execute arbitrary code by uploading PHP code, unless the vhost co...
Ez Ez Publish-kernel
Ez Ez Publish-legacy
NA
CVE-2004-1149
Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with insecure permissions (ACLs), which allows local users to gain privileges by replacing critical programs with malicious ones, as demonstrated using VetMsg.exe.
Broadcom Etrust Ez Antivirus 7.0
Broadcom Etrust Ez Antivirus 7.0.1
Broadcom Etrust Ez Antivirus 7.0.4
Broadcom Etrust Ez Antivirus 7.0.2.1
Broadcom Etrust Ez Antivirus 7.0.3
Broadcom Etrust Ez Antivirus 7.0.1.1
Broadcom Etrust Ez Antivirus 7.0.1.2
Broadcom Etrust Ez Antivirus 7.0.1.3
Broadcom Etrust Ez Antivirus 7.0.1.4
Broadcom Etrust Ez Antivirus 7.0.2
NA
CVE-2005-4850
eZ publish 3.5 up to and including 3.7 prior to 20050608 requires both edit and create permissions in order to submit data, which allows remote malicious users to edit data submitted by arbitrary anonymous users.
Ez Ez Publish
NA
CVE-2006-7219
eZ publish prior to 3.8.5 does not properly enforce permissions for editing in a specific language, which allows remote authenticated users to create a draft in an unauthorized language by editing an archived version of an object, and then using Manage Versions to copy this versi...
Ez Ez Publish
6.1
CVSSv3
CVE-2017-1000431
eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is vulnerable to an XSS issue in the search module, resulting in a risk of attackers injecting scripts which may e.g. steal authentication credentials.
Ez Ez Publish
NA
CVE-2005-4852
The siteaccess URIMatching implementation in eZ publish 3.5 up to and including 3.8 prior to 20050812 converts all non-alphanumeric characters in a URI to '_' (underscore), which allows remote malicious users to bypass access restrictions by inserting certain characters...
Ez Ez Publish
NA
CVE-2006-7218
eZ publish prior to 3.8.1 does not properly enforce permissions for "content edit Language" when there are four or more languages, which allows remote authenticated users to perform translations into languages that are not listed in a Module Function Limitation policy.
Ez Ez Publish
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »