Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-46875
An issue exists in eZ Platform Ibexa Kernel prior to 1.3.1.1. An XSS attack can occur because JavaScript code can be uploaded in a .html or .js file.
Ibexa Ez Platform Kernel
NA
CVE-2009-4801
EZ-Blog Beta 1 does not require authentication, which allows remote malicious users to create or delete arbitrary posts via requests to PHP scripts.
Will Kraft Ez-blog -
1 EDB exploit
NA
CVE-2009-4805
Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the storyid parameter to public/view.php or (2) the kill parameter to admin/remove.php.
Will Kraft Ez-blog -
1 EDB exploit
7.5
CVSSv3
CVE-2015-10071
A vulnerability was found in gitter-badger ezpublish-modern-legacy. It has been rated as problematic. This issue affects some unknown processing of the file kernel/user/forgotpassword.php. The manipulation leads to weak password recovery. The complexity of an attack is rather hig...
Gitter Ez Publish Modern Legacy
NA
CVE-2008-6778
SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Scripts-for-sites Ez Auction
1 EDB exploit
NA
CVE-2008-6246
SQL injection vulnerability in category.php in Scripts For Sites (SFS) EZ Webring allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Scripts-for-sites Ez Webring -
1 EDB exploit
6.1
CVSSv3
CVE-2023-2521
A vulnerability was found in NEXTU NEXT-7004N 3.0.1. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formFilter of the component POST Request Handler. The manipulation of the argument url with the input <svg onload=alert(1337)> lea...
Ez-net Next-7004n Firmware 3.0.1
NA
CVE-2009-0533
Cross-site scripting (XSS) vulnerability in password.php in Scripts for Sites EZ Reminder allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly involving the u2 parameter. NOTE: the provenance of this information is unknown; the de...
Scripts-for-sites Ez Reminder -
NA
CVE-2008-6780
SQL injection vulnerability in directory.php in Scripts for Sites (SFS) SFS EZ Affiliate allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter in a list action.
Scripts-for-sites Ez Affiliate
1 EDB exploit
NA
CVE-2008-6867
SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote malicious users to execute arbitrary SQL commands via the topic parameter.
Scripts For Sites Ez Career
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »