Ez Publish@3.9.1 Security Vulnerabilities and Issues — Ez Publish@3.9.1 CVE List

Lucene search

EzEz Publish3.9.1

2 matches found

CVE•added 2007/08/23 1:17 a.m.•39 views

CVE-2007-4493

eZ publish before 3.8.9, and 3.9 before 3.9.3, does not properly check permissions on module views that lack a policy function, which has unknown impact and attack vectors, as demonstrated by a vulnerability in the discount functionality in the shop module.

10CVSS6.6AI score0.00554EPSS

CVE•added 2007/08/23 1:17 a.m.•36 views

CVE-2007-4494

The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9.3, does not limit access by anonymous users, which allows remote attackers to conduct spam attacks.

5CVSS6.7AI score0.01039EPSS