Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2005-4855

Unrestricted file upload vulnerability in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050922 does not restrict Image datatype uploads to image content types, which allows remote authenticated users to upload certain types of files, as demonstrated by .js files, which may enable cross-site scripting (XSS) attacks or other attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 36.6%
CVSS Severity
CVSS v2 Score 3.5
Products affected by CVE-2005-4855
  • Ez » Ez Publish » Version: 3.5.0
    cpe:2.3:a:ez:ez_publish:3.5.0
  • Ez » Ez Publish » Version: 3.5.1
    cpe:2.3:a:ez:ez_publish:3.5.1
  • Ez » Ez Publish » Version: 3.5.2
    cpe:2.3:a:ez:ez_publish:3.5.2
  • Ez » Ez Publish » Version: 3.5.3
    cpe:2.3:a:ez:ez_publish:3.5.3
  • Ez » Ez Publish » Version: 3.5.4
    cpe:2.3:a:ez:ez_publish:3.5.4
  • Ez » Ez Publish » Version: 3.6.0
    cpe:2.3:a:ez:ez_publish:3.6.0
  • Ez » Ez Publish » Version: 3.6.1
    cpe:2.3:a:ez:ez_publish:3.6.1
  • Ez » Ez Publish » Version: 3.7.0
    cpe:2.3:a:ez:ez_publish:3.7.0
  • Ez » Ez Publish » Version: 3.8.0
    cpe:2.3:a:ez:ez_publish:3.8.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved