Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2005-4851
eZ publish 3.4.4 up to and including 3.7 prior to 20050722 applies certain permissions on the node level, which allows remote authenticated users to bypass the original permissions on embedded objects in XML fields and read these objects.
Ez Ez Publish
6.8
CVSSv2
CVE-2003-0310
Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote malicious users to insert arbitrary web script.
Ez Ez Publish 2.2
1 EDB exploit
2.6
CVSSv2
CVE-2012-1597
Cross-site scripting (XSS) vulnerability in the textEncode function in classes/ezjscajaxcontent.php in eZ JS Core in eZ Publish prior to 1.5 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ez Ezjscore 1.0
Ez Ezjscore
1 EDB exploit
7.5
CVSSv2
CVE-2006-5523
PHP remote file inclusion vulnerability in common.php in EZ-Ticket 0.0.1 allows remote malicious users to execute arbitrary PHP code via a URL in the ezt_root_path parameter.
Ez-ticket Ez-ticket 0.0.1
1 EDB exploit
4.3
CVSSv2
CVE-2022-23397
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im ...
Cedargate Ez-net Portal 6.8.0
Cedargate Ez-net Portal 6.5.5
Cedargate Ez-net Portal 6.6.3
Cedargate Ez-net Portal 6.7.0
5
CVSSv2
CVE-2007-4260
EZPhotoSales 1.9.3 and previous versions has a default "admin" account for galleries, which allows remote malicious users to access arbitrary galleries by specifying this username.
Ez Photo Sales Ez Photo Sales
8.5
CVSSv2
CVE-2007-4262
Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and previous versions allows remote authenticated administrators to upload and execute arbitrary PHP code under OnlineViewing/galleries/.
Ez Photo Sales Ez Photo Sales
5
CVSSv2
CVE-2007-4259
EZPhotoSales 1.9.3 and previous versions allows remote malicious users to download arbitrary image files via (1) a direct request for a URL under OnlineViewing/galleries/ or (2) navigation of the gallery user interface with JavaScript disabled.
Ez Photo Sales Ez Photo Sales 1.9.3
7.5
CVSSv2
CVE-2007-4261
EZPhotoSales 1.9.3 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download (1) a file containing cleartext passwords via a direct request for OnlineViewing/data/galleries.txt, or (2) a...
Ez Photo Sales Ez Photo Sales 1.9.3
4.3
CVSSv2
CVE-2019-12139
An XSS issue exists in the Admin UI in eZ Platform 2.x. This affects ezplatform-admin-ui 1.3.x prior to 1.3.5 and 1.4.x prior to 1.4.4, and ezplatform-page-builder 1.1.x prior to 1.1.5 and 1.2.x prior to 1.2.4.
Ez Ezplatform-admin-ui
Ez Ezplatform-page-builder
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »