Vulnerability Details CVE-2005-4850
eZ publish 3.5 through 3.7 before 20050608 requires both edit and create permissions in order to submit data, which allows remote attackers to edit data submitted by arbitrary anonymous users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.8%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2005-4850
-
cpe:2.3:a:ez:ez_publish:3.5.0
-
cpe:2.3:a:ez:ez_publish:3.5.1
-
cpe:2.3:a:ez:ez_publish:3.5.10
-
cpe:2.3:a:ez:ez_publish:3.5.11
-
cpe:2.3:a:ez:ez_publish:3.5.2
-
cpe:2.3:a:ez:ez_publish:3.5.3
-
cpe:2.3:a:ez:ez_publish:3.5.4
-
cpe:2.3:a:ez:ez_publish:3.5.5
-
cpe:2.3:a:ez:ez_publish:3.5.6
-
cpe:2.3:a:ez:ez_publish:3.5.7
-
cpe:2.3:a:ez:ez_publish:3.5.8
-
cpe:2.3:a:ez:ez_publish:3.5.9
-
cpe:2.3:a:ez:ez_publish:3.6.0
-
cpe:2.3:a:ez:ez_publish:3.6.1
-
cpe:2.3:a:ez:ez_publish:3.6.10
-
cpe:2.3:a:ez:ez_publish:3.6.11
-
cpe:2.3:a:ez:ez_publish:3.6.12
-
cpe:2.3:a:ez:ez_publish:3.6.2
-
cpe:2.3:a:ez:ez_publish:3.6.3
-
cpe:2.3:a:ez:ez_publish:3.6.4
-
cpe:2.3:a:ez:ez_publish:3.6.5
-
cpe:2.3:a:ez:ez_publish:3.6.6
-
cpe:2.3:a:ez:ez_publish:3.6.7
-
cpe:2.3:a:ez:ez_publish:3.6.8
-
cpe:2.3:a:ez:ez_publish:3.6.9