Vulnerabilities (CVE)

Filtered by vendor Ezcontents Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-3575 1 Ezcontents 1 Ezcontents Cms 2024-02-28 7.5 HIGH N/A
PHP remote file inclusion vulnerability in modules/calendar/minicalendar.php in ezContents CMS allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[gsLanguage] parameter, a different vector than CVE-2006-4477 and CVE-2004-0132.
CVE-2007-6368 1 Ezcontents 1 Ezcontents 2024-02-28 5.0 MEDIUM N/A
Directory traversal vulnerability in index.php in ezContents 1.4.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the link parameter.