Vulnerabilities > EZ

DATE CVE VULNERABILITY TITLE RISK
2007-08-23 CVE-2007-4493 Unspecified vulnerability in eZ Publish No Policy Function
eZ publish before 3.8.9, and 3.9 before 3.9.3, does not properly check permissions on module views that lack a policy function, which has unknown impact and attack vectors, as demonstrated by a vulnerability in the discount functionality in the shop module.
network
low complexity
ez
critical
10.0
2007-07-06 CVE-2006-7219 Permissions, Privileges, and Access Controls vulnerability in EZ Publish
eZ publish before 3.8.5 does not properly enforce permissions for editing in a specific language, which allows remote authenticated users to create a draft in an unauthorized language by editing an archived version of an object, and then using Manage Versions to copy this version to a new draft.
network
low complexity
ez CWE-264
4.0
2007-07-06 CVE-2006-7218 Permissions, Privileges, and Access Controls vulnerability in EZ Publish
eZ publish before 3.8.1 does not properly enforce permissions for "content edit Language" when there are four or more languages, which allows remote authenticated users to perform translations into languages that are not listed in a Module Function Limitation policy.
network
low complexity
ez CWE-264
4.0
2006-03-01 CVE-2006-0938 Cross-Site Scripting vulnerability in EZ Publish
Cross-site scripting (XSS) vulnerability in eZ publish 3.7.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the RefererURL parameter.
network
ez CWE-79
4.3
2005-12-31 CVE-2005-4857 Resource Management Errors vulnerability in EZ Publish
eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request to content/advancedsearch.php with an empty SearchContentClassID parameter, reportedly related to a "memory addressing error".
network
low complexity
ez CWE-399
4.0
2005-12-31 CVE-2005-4856 Data Processing Errors vulnerability in EZ Publish
The admin interface in eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051110 does not properly handle authorization errors, which allows remote attackers to obtain sensitive information and see the admin pagelayout and associated templates via a request with (1) "anything after the url" or (2) a "wrong url".
network
low complexity
ez CWE-19
5.0
2005-12-31 CVE-2005-4855 Permissions, Privileges, and Access Controls vulnerability in EZ Publish
Unrestricted file upload vulnerability in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050922 does not restrict Image datatype uploads to image content types, which allows remote authenticated users to upload certain types of files, as demonstrated by .js files, which may enable cross-site scripting (XSS) attacks or other attacks.
network
ez CWE-264
3.5
2005-12-31 CVE-2005-4854 Permissions, Privileges, and Access Controls vulnerability in EZ Publish
eZ publish 3.5 through 3.7 before 20050830 does not use a folder's read permissions to restrict notifications, which allows remote authenticated users to obtain sensitive information about changes to content in arbitrary folders.
network
low complexity
ez CWE-264
5.0
2005-12-31 CVE-2005-4853 Permissions, Privileges, and Access Controls vulnerability in EZ Publish
The default configuration of the forum package in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050818 does not restrict edit permissions to a posting's owner, which allows remote authenticated users to edit arbitrary postings.
network
low complexity
ez CWE-264
critical
9.4
2005-12-31 CVE-2005-4852 Permissions, Privileges, and Access Controls vulnerability in EZ Publish
The siteaccess URIMatching implementation in eZ publish 3.5 through 3.8 before 20050812 converts all non-alphanumeric characters in a URI to '_' (underscore), which allows remote attackers to bypass access restrictions by inserting certain characters in a URI, as demonstrated by a request for /admin:de, which matches a rule allowing only /admin_de to access /admin.
network
low complexity
ez CWE-264
5.0