Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-1626
SQL injection vulnerability in public/specific.php in EZ-Blog before Beta 2 20090427, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the category parameter.
Will Kraft Ez-blog
Will Kraft Ez-blog -
1 EDB exploit
2.1
CVSSv2
CVE-2003-0887
ez-ipupdate 3.0.11b7 and previous versions creates insecure temporary cache files, which allows local users to conduct unauthorized operations via a symlink attack on the ez-ipupdate.cache file.
Angus Mackay Ez-ipupdate 3.0.11b5
Angus Mackay Ez-ipupdate 3.0.11b7
NA
CVE-2022-48365
An issue exists in eZ Platform Ibexa Kernel prior to 1.3.26. The Company admin role gives excessive privileges.
Ibexa Digital Experience Platform
Ibexa Ez Platform Kernel
Ibexa Ez Platform
7.5
CVSSv2
CVE-2012-0983
SQL injection vulnerability in Scriptsez.net Ez Album allows remote malicious users to execute arbitrary SQL commands via the id parameter in a view action to index.php.
Scriptsez Ez Album -
1 EDB exploit
4.3
CVSSv2
CVE-2009-4317
Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez Cart allows remote malicious users to inject arbitrary web script or HTML via the sid parameter in a showcat action.
Scriptsez Ez Cart
4.3
CVSSv2
CVE-2009-4364
Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez Blog allows remote malicious users to inject arbitrary web script or HTML via the cname parameter, related to the act and id parameters. NOTE: the provenance of this information is unknown; the details are obta...
Scriptsez Ez Blog
2 EDB exploits
10
CVSSv2
CVE-2004-0980
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 up to and including 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.
Angus Mackay Ez-ipupdate 3.0.11b5
Angus Mackay Ez-ipupdate 3.0.11b8
Debian Debian Linux 3.0
Gentoo Linux
6.8
CVSSv2
CVE-2022-25337
Ibexa DXP ezsystems/ezpublish-kernel 7.5.x prior to 7.5.26 and 1.3.x prior to 1.3.12 allows injection attacks via image filenames.
Ibexa Ez Platform Kernel
NA
CVE-2021-46876
An issue exists in eZ Publish Ibexa Kernel prior to 7.5.15.1. The /user/sessions endpoint can be abused to determine account existence.
Ibexa Ez Platform Kernel
4.3
CVSSv2
CVE-2006-3004
Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone Manager allow remote malicious users to inject arbitrary web script or HTML via the (1) id parameter in player.php and (2) keyword parameter when performing a search.
Scriptsez Ez Ringtone Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »