Filtered by vendor Ez Subscriptions
Total 23 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-4851 1 Ez 1 Ez Publish 2024-11-21 N/A
eZ publish 3.4.4 through 3.7 before 20050722 applies certain permissions on the node level, which allows remote authenticated users to bypass the original permissions on embedded objects in XML fields and read these objects.
CVE-2005-4850 1 Ez 1 Ez Publish 2024-11-21 N/A
eZ publish 3.5 through 3.7 before 20050608 requires both edit and create permissions in order to submit data, which allows remote attackers to edit data submitted by arbitrary anonymous users.
CVE-2003-0310 1 Ez 1 Ez Publish 2024-11-20 N/A
Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote attackers to insert arbitrary web script.