Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ez vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4494
The tipafriend function in eZ publish prior to 3.8.9, and 3.9 prior to 3.9.3, does not limit access by anonymous users, which allows remote malicious users to conduct spam attacks.
Ez Ez Publish 3.9.1
Ez Ez Publish 3.9.2
Ez Ez Publish
Ez Ez Publish 3.9.0
NA
CVE-2005-4855
Unrestricted file upload vulnerability in eZ publish 3.5 prior to 3.5.5, 3.6 prior to 3.6.2, 3.7 prior to 3.7.0rc2, and 3.8 prior to 20050922 does not restrict Image datatype uploads to image content types, which allows remote authenticated users to upload certain types of files,...
Ez Ez Publish
Ez Ez Publish 3.7.0
Ez Ez Publish 3.8.0
NA
CVE-2012-4053
Cross-site request forgery (CSRF) vulnerability in eZOE flash player in eZ Publish 4.1 up to and including 4.6 allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Ez Ez Publish 4.1.0
Ez Ez Publish 4.2.0
Ez Ez Publish 4.3.0
9.8
CVSSv3
CVE-2020-10806
eZ Publish Kernel prior to 5.4.14.1, 6.x prior to 6.13.6.2, and 7.x prior to 7.5.6.2 and eZ Publish Legacy prior to 5.4.14.1, 2017 prior to 2017.12.7.2, and 2019 prior to 2019.03.4.2 allow remote malicious users to execute arbitrary code by uploading PHP code, unless the vhost co...
Ez Ez Publish-kernel
Ez Ez Publish-legacy
NA
CVE-2004-1149
Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with insecure permissions (ACLs), which allows local users to gain privileges by replacing critical programs with malicious ones, as demonstrated using VetMsg.exe.
Broadcom Etrust Ez Antivirus 7.0
Broadcom Etrust Ez Antivirus 7.0.1
Broadcom Etrust Ez Antivirus 7.0.4
Broadcom Etrust Ez Antivirus 7.0.2.1
Broadcom Etrust Ez Antivirus 7.0.3
Broadcom Etrust Ez Antivirus 7.0.1.1
Broadcom Etrust Ez Antivirus 7.0.1.2
Broadcom Etrust Ez Antivirus 7.0.1.3
Broadcom Etrust Ez Antivirus 7.0.1.4
Broadcom Etrust Ez Antivirus 7.0.2
NA
CVE-2005-4850
eZ publish 3.5 up to and including 3.7 prior to 20050608 requires both edit and create permissions in order to submit data, which allows remote malicious users to edit data submitted by arbitrary anonymous users.
Ez Ez Publish
NA
CVE-2005-4851
eZ publish 3.4.4 up to and including 3.7 prior to 20050722 applies certain permissions on the node level, which allows remote authenticated users to bypass the original permissions on embedded objects in XML fields and read these objects.
Ez Ez Publish
NA
CVE-2005-4852
The siteaccess URIMatching implementation in eZ publish 3.5 up to and including 3.8 prior to 20050812 converts all non-alphanumeric characters in a URI to '_' (underscore), which allows remote malicious users to bypass access restrictions by inserting certain characters...
Ez Ez Publish
NA
CVE-2006-7218
eZ publish prior to 3.8.1 does not properly enforce permissions for "content edit Language" when there are four or more languages, which allows remote authenticated users to perform translations into languages that are not listed in a Module Function Limitation policy.
Ez Ez Publish
NA
CVE-2006-7219
eZ publish prior to 3.8.5 does not properly enforce permissions for editing in a specific language, which allows remote authenticated users to create a draft in an unauthorized language by editing an archived version of an object, and then using Manage Versions to copy this versi...
Ez Ez Publish
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »