EUVD-2020-15819

Malware in sbrugna...

CVE-2020-23065

Cross Site Scripting vulnerabiltiy in eZ Systems AS eZPublish Platform v.5.4 and eZ Publish Legacy v.5.4 allows a remote authenticated attacker to execute arbitrary code via the video-js.swf...

CVE-2020-23065

Cross Site Scripting vulnerabiltiy in eZ Systems AS eZPublish Platform v.5.4 and eZ Publish Legacy v.5.4 allows a remote authenticated attacker to execute arbitrary code via the video-js.swf...

CVE-2020-23065

CVE-2020-23065 affects eZ Systems AS eZPublish Platform v5.4 and eZ Publish Legacy v5.4. The vulnerability is a Cross Site Scripting flaw in the video-js.swf that allows a remote authenticated attacker to execute arbitrary code within the web application. Exploitation requires authentication and ...

CVE-2020-23065

Cross Site Scripting vulnerabiltiy in eZ Systems AS eZPublish Platform v.5.4 and eZ Publish Legacy v.5.4 allows a remote authenticated attacker to execute arbitrary code via the video-js.swf...

CVE-2020-23065

Cross Site Scripting vulnerabiltiy in eZ Systems AS eZPublish Platform v.5.4 and eZ Publish Legacy v.5.4 allows a remote authenticated attacker to execute arbitrary code via the video-js.swf...

Ez Systems eZ Platform 安全漏洞

Ez Systems eZ Platform is a content management system CMS based on the Symfony framework from Ez Systems, Norway. A security vulnerability exists in Ez Systems eZ Publish Ibexa Kernel versions prior to 7.5.15.1, which stems from misuse of the /user/sessions endpoint to determine if an account...

Ez Systems eZ Platform 安全漏洞

Ez Systems eZ Platform is a content management system CMS based on the Symfony framework from Ez Systems, Norway. A security vulnerability exists in eZ Publish Ibexa Kernel versions prior to 7.5.28, which stems from improper handling of access control...

Ez Systems eZ Platform 跨站脚本漏洞

Ez Systems eZ Platform is a content management system CMS based on the Symfony framework from Ez Systems, Norway. A security vulnerability exists in eZ Platform Ibexa Kernel versions prior to 1.3.1.1, which stems from JavaScript code that can be uploaded in .html or .js files...

Design/Logic Flaw

eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is vulnerable to an XSS issue in the search module, resulting in a risk of attackers injecting scripts which may e.g. steal authentication credentials...

CVE-2017-1000431

eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is vulnerable to an XSS issue in the search module, resulting in a risk of attackers injecting scripts which may e.g. steal authentication credentials...

CVE-2017-1000431

CVE-2017-1000431 affects eZ Publish: versions 5.4.0–5.4.9 and 5.3.12 and older. The vulnerability is an XSS in the search module that could allow an attacker to inject scripts and potentially steal authentication credentials. The linked sources (e.g., ezpublish advisory and security pages) confir...

CVE-2017-1000431

eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is vulnerable to an XSS issue in the search module, resulting in a risk of attackers injecting scripts which may e.g. steal authentication credentials...

EZ Systems HTTPBench 1.1 Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6153/info An information disclosure vulnerability has been reported for httpbench. Reportedly, httpbench may disclose the contents of web server readable files to remote attackers. Information obtained in this manner may ...