Ez Publish Security Vulnerabilities and Issues — Ez Publish CVE List

Lucene search

EzEz Publish

3 matches found

CVE•added 2012/10/06 9:55 p.m.•49 views

CVE-2012-1565

Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and 4.6 has unknown impact and attack vectors related to an insecure direct object reference.

7.5CVSS6.6AI score0.01752EPSS

CVE•added 2009/07/02 10:30 a.m.•48 views

CVE-2008-6844

The registration view (/user/register) in eZ Publish 3.5.6 and earlier, and possibly other versions before 3.9.5, 3.10.1, and 4.0.1, allows remote attackers to gain privileges as other users via modified ContentObjectAttribute_data_user_login_30, ContentObjectAttribute_data_user_password_30, and ot...

7.5CVSS7.2AI score0.02382EPSS

CVE•added 2010/07/08 10:30 p.m.•44 views

CVE-2010-2672

Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through 4.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) SectionID and (2) SearchTimestamp parameters to the search feature and the (3) SearchContentClassAttributeID parameter to the advancedsearch feature.

7.5CVSS8.8AI score0.00836EPSS