MidnightBSD

Advisories for ez

CVE-2003-0310 MEDIUM

Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote attackers to insert arbitrary web script.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
ez ez_publish 2.2
CVE-2005-4850 MEDIUM

eZ publish 3.5 through 3.7 before 20050608 requires both edit and create permissions in order to submit data, which allows remote attackers to edit data submitted by arbitrary anonymous users.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
ez ez_publish *
CVE-2005-4851 MEDIUM

eZ publish 3.4.4 through 3.7 before 20050722 applies certain permissions on the node level, which allows remote authenticated users to bypass the original permissions on embedded objects in XML fields and read these objects.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
ez ez_publish *
CVE-2005-4852 MEDIUM

The siteaccess URIMatching implementation in eZ publish 3.5 through 3.8 before 20050812 converts all non-alphanumeric characters in a URI to '_' (underscore), which allows remote attackers to bypass access restrictions by inserting certain characters in a URI, as demonstrated by a request for /admin:de, which matches a rule allowing only /admin_de to access /admin.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
ez ez_publish *
CVE-2005-4853 HIGH

The default configuration of the forum package in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050818 does not restrict edit permissions to a posting's owner, which allows remote authenticated users to edit arbitrary postings.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
ez ez_publish 3.5.2
ez ez_publish 3.5.4
ez ez_publish 3.5.0
ez ez_publish 3.5.1
ez ez_publish 3.5.3
CVE-2005-4854 MEDIUM

eZ publish 3.5 through 3.7 before 20050830 does not use a folder's read permissions to restrict notifications, which allows remote authenticated users to obtain sensitive information about changes to content in arbitrary folders.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
ez ez_publish 3.5.2
ez ez_publish 3.6.12
ez ez_publish 3.5.6
ez ez_publish 3.6.8
ez ez_publish 3.6.9
ez ez_publish 3.5.5
ez ez_publish 3.7.5
ez ez_publish 3.7.6
ez ez_publish 3.7.10
ez ez_publish 3.7.8
ez ez_publish 3.5.3
ez ez_publish 3.7.4
ez ez_publish 3.6.5
ez ez_publish 3.6.2
ez ez_publish 3.5.7
ez ez_publish 3.7.3
ez ez_publish 3.6.6
ez ez_publish 3.5.0
ez ez_publish 3.5.1
ez ez_publish 3.6.1
ez ez_publish 3.7.1
ez ez_publish 3.5.8
ez ez_publish 3.6.3
ez ez_publish 3.5.10
ez ez_publish 3.7.11
ez ez_publish 3.5.9
ez ez_publish 3.6.4
ez ez_publish 3.7.9
ez ez_publish 3.6.0
ez ez_publish 3.6.10
ez ez_publish 3.5.4
ez ez_publish 3.7.0
ez ez_publish 3.5.11
ez ez_publish 3.6.11
ez ez_publish 3.7.7
ez ez_publish 3.7.2
ez ez_publish 3.7.12
ez ez_publish 3.6.7
CVE-2005-4855 LOW

Unrestricted file upload vulnerability in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050922 does not restrict Image datatype uploads to image content types, which allows remote authenticated users to upload certain types of files, as demonstrated by .js files, which may enable cross-site scripting (XSS) attacks or other attacks.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
ez ez_publish 3.7.0
ez ez_publish 3.8.0
ez ez_publish *
CVE-2005-4856 MEDIUM

The admin interface in eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051110 does not properly handle authorization errors, which allows remote attackers to obtain sensitive information and see the admin pagelayout and associated templates via a request with (1) "anything after the url" or (2) a "wrong url".

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-19,

Products Affected

Vendor Product Version
ez ez_publish 3.5.2
ez ez_publish 3.5.6
ez ez_publish 3.5.5
ez ez_publish 3.6.3
ez ez_publish 3.6.4
ez ez_publish 3.5.3
ez ez_publish 3.6.0
ez ez_publish *
ez ez_publish 3.5.4
ez ez_publish 3.7.0
ez ez_publish 3.6.2
ez ez_publish 3.7.2
ez ez_publish 3.5.0
ez ez_publish 3.5.1
ez ez_publish 3.6.1
ez ez_publish 3.7.1
CVE-2005-4857 MEDIUM

eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request to content/advancedsearch.php with an empty SearchContentClassID parameter, reportedly related to a "memory addressing error".

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
ez ez_publish 3.5.2
ez ez_publish 3.5.6
ez ez_publish 3.5.5
ez ez_publish 3.6.3
ez ez_publish 3.6.4
ez ez_publish 3.5.3
ez ez_publish 3.6.0
ez ez_publish *
ez ez_publish 3.5.4
ez ez_publish 3.7.0
ez ez_publish 3.6.2
ez ez_publish 3.7.2
ez ez_publish 3.5.0
ez ez_publish 3.5.1
ez ez_publish 3.6.1
ez ez_publish 3.7.1
CVE-2006-0938 MEDIUM

Cross-site scripting (XSS) vulnerability in eZ publish 3.7.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the RefererURL parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
ez ez_publish 3.5.8
ez ez_publish 3.5.6
ez ez_publish 3.4.8
ez ez_publish 3.5.5
ez ez_publish 3.6.3
ez ez_publish 3.6.4
ez ez_publish 3.6.0
ez ez_publish *
ez ez_publish 3.5.4
ez ez_publish 3.6.5
ez ez_publish 3.7.0
ez ez_publish 3.6.2
ez ez_publish 3.5.7
ez ez_publish 3.7.2
ez ez_publish 3.6.1
ez ez_publish 3.7.1
CVE-2010-2671 MEDIUM

Cross-site scripting (XSS) vulnerability in advancedsearch.php in eZ Publish 3.7.0 through 4.2.0 allows remote attackers to inject arbitrary web script or HTML via the subTreeItem parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
ez ez_publish 3.7.5
ez ez_publish 3.7.11
ez ez_publish 3.7.6
ez ez_publish 3.7.10
ez ez_publish 3.7.8
ez ez_publish 3.7.9
ez ez_publish 4.2.0
ez ez_publish 3.7.4
ez ez_publish 3.7.0
ez ez_publish 3.7.3
ez ez_publish 3.7.7
ez ez_publish 3.7.2
ez ez_publish 3.7.12
ez ez_publish 3.7.1
CVE-2010-2672 HIGH

Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through 4.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) SectionID and (2) SearchTimestamp parameters to the search feature and the (3) SearchContentClassAttributeID parameter to the advancedsearch feature.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
ez ez_publish 3.7.5
ez ez_publish 3.7.11
ez ez_publish 3.7.6
ez ez_publish 3.7.10
ez ez_publish 3.7.8
ez ez_publish 3.7.9
ez ez_publish 4.2.0
ez ez_publish 3.7.4
ez ez_publish 3.7.0
ez ez_publish 3.7.3
ez ez_publish 3.7.7
ez ez_publish 3.7.2
ez ez_publish 3.7.12
ez ez_publish 3.7.1
CVE-2017-1000431 MEDIUM

eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is vulnerable to an XSS issue in the search module, resulting in a risk of attackers injecting scripts which may e.g. steal authentication credentials.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
ez ez_publish *
CVE-2019-12139 MEDIUM

An XSS issue was discovered in the Admin UI in eZ Platform 2.x. This affects ezplatform-admin-ui 1.3.x before 1.3.5 and 1.4.x before 1.4.4, and ezplatform-page-builder 1.1.x before 1.1.5 and 1.2.x before 1.2.4.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
ez ezplatform-admin-ui *
ez ezplatform-page-builder *
CVE-2020-10806 HIGH

eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-434,

Products Affected

Vendor Product Version
ez ez_publish-legacy *
ez ez_publish-kernel *