Information Disclosure

ezsystems/ezpublish-legacy is vulnerable to Information Disclosure. The vulnerability is caused due to the module not properly checking access permissions when rendering the content tree menu. This allows the tree menu to display hidden items to unauthorized users if they access the backend URL...

eZ Publish Information disclosure in backend content tree menu

This security advisory fixes an information disclosure vulnerability in the legacy admin content tree menu. If a view has been disabled in site.ini SiteAccessRules Rules, and an attacker accesses the backend with the URL to this module, then the tree menu may be displayed. Since the tree menu may...

GHSA-CC2J-92JQ-WGJG eZ Publish Information disclosure in backend content tree menu

This security advisory fixes an information disclosure vulnerability in the legacy admin content tree menu. If a view has been disabled in site.ini SiteAccessRules Rules, and an attacker accesses the backend with the URL to this module, then the tree menu may be displayed. Since the tree menu may...

PT-2024-40240 · Unknown · Ez Publish Legacy

Name of the Vulnerable Software and Affected Versions: ezpublish-legacy affected versions not specified Description: The issue is related to an information disclosure vulnerability in the legacy admin content tree menu. If a view has been disabled in site.ini SiteAccessRules Rules and an attacker...

SUSE CVE-2006-2779

Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...

Autodesk SoftImage Scene TOC Arbitrary Command Execution

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Autodesk SoftImage Scene TOC Arbitrary Command Execution 1. Advisory Information Title: Autodesk SoftImage Scene TOC Arbitrary...

security flaw

Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...

DEBIAN-CVE-2006-2779

Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...