Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist ezsystems/ezpublish-kernel Security Advisories

Loading...
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1ydmotN3E0Zi01cDQy
Cross-site scripting in eZ Platform Kernel
Ecosystems: packagist
Packages: ezsystems/ezplatform-kernel, ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS01eDRmLTd4Z3EtcjQyeM1REw
Object state limitation has no effect
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS14d3Y2LXY3cXgtZjVqY80tiQ
Code injection in ezsystems/ezpublish-kernel
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: over 1 year ago
High
GSA_kwCzR0hTQS00NG00LTljanAtajU4N80kcg
IBX-1392: Image filenames sanitization
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS14ZnFnLXA0OGctaGg5NM4AArUB
Login timing attack in ezsystems/ezpublish-kernel
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: about 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdtcmYtOTlndy12dndq
/user/sessions endpoint allows detecting valid accounts
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS05OXIzLXhtbXEtN3E3Z84AAv0h
eZ Platform users with the Company admin role can assign any role to any user
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: 7 months ago
High
GSA_kwCzR0hTQS1xcTJqLTlwZjgtZzU4Y84AAyDw
Company admin role gives excessive privileges in eZ Platform Ibexa
Ecosystems: packagist
Packages: ezsystems/ezplatform-kernel, ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: 3 months ago
Low
GSA_kwCzR0hTQS02Nm00LWdjOGgtaHBqeM4AAyDt
Timing attack in eZ Platform Ibexa
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel, ezsystems/ezplatform-kernel
Source: GitHub Advisory Database
Published: 3 months ago
Critical
GSA_kwCzR0hTQS1oNXYyLXdyaHAtNXYzNc4AAyDv
Access control issue in ezsystems/ezpublish-kernel
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS04OXAzLTlqOGMtZnFoNM4AAyDu
User account enumeration in eZ Publish Ibexa Kernel
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1jNzM3LWpod3ItZnF4as4AAyDx
Cross Site Scripting in eZ Platform Ibexa Kernel
Ecosystems: packagist
Packages: ezsystems/ezplatform-kernel, ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: 3 months ago
Filter by Package
pimcore/pimcore 98 microweber/microweber 75 thorsten/phpmyfaq 53 moodle/moodle 53 shopware/platform 41 typo3/cms-core 39 showdoc/showdoc 36 shopware/core 32 librenms/librenms 31 snipe/snipe-it 29 concrete5/concrete5 27 craftcms/cms 24 dolibarr/dolibarr 22 remdex/livehelperchat 22 typo3/cms 19 froxlor/froxlor 19 mautic/core 18 shopware/shopware 18 silverstripe/framework 18 baserproject/basercms 17 cakephp/cakephp 17 pocketmine/pocketmine-mp 16 yetiforce/yetiforce-crm 16 drupal/core 16 grumpydictator/firefly-iii 15 francoisjacquet/rosariosis 15 symfony/symfony 14 tribalsystems/zenario 13 ezsystems/ezpublish-kernel 12 phpmailer/phpmailer 12 getkirby/cms 12 openmage/magento-lts 12 forkcms/forkcms 12 getgrav/grav 12 feehi/feehicms 11 intelliants/subrion 11 nilsteampassnet/teampass 11 prestashop/prestashop 10 contao/core-bundle 10 october/system 10 centreon/centreon 9 concrete5/core 9 kevinpapst/kimai2 9 ssddanbrown/bookstack 8 ezsystems/ezplatform-kernel 8 funadmin/funadmin 8 topthink/framework 8 alextselegidis/easyappointments 8 codeigniter4/framework 8 sylius/sylius 8 wwbn/avideo 8 elefant/cms 8 facturascripts/facturascripts 8 impresscms/impresscms 8 october/backend 7 october/cms 7 feehi/cms 7 magento/community-edition 7 laravel/framework 7 smarty/smarty 7 wallabag/wallabag 7 backdrop/backdrop 6 dompdf/dompdf 6 simplesamlphp/simplesamlphp 6 guzzlehttp/guzzle 6 phpmyadmin/phpmyadmin 6 pterodactyl/panel 6 flarum/core 5 vrana/adminer 5 phpxmlrpc/phpxmlrpc 5 sulu/sulu 5 symfony/http-foundation 5 lavalite/cms 5 yourls/yourls 5 bottelet/flarepoint 5 symfony/security-http 5 pimcore/customer-management-framework-bundle 4 pear/archive_tar 4 directmailteam/direct-mail 4 cockpit-hq/cockpit 4 bolt/bolt 4 ezsystems/ezplatform-admin-ui 4 in2code/femanager 4 nukeviet/nukeviet 4 pagekit/pagekit 4 enshrined/svg-sanitize 4 cachethq/cachet 4 notrinos/notrinos-erp 4 idno/known 4 symfony/http-kernel 4 tinymce 4 TinyMCE 4 tinymce/tinymce 4 bytefury/crater 4 phpoffice/phpspreadsheet 3 typo3/cms-form 3 elgg/elgg 3 spatie/browsershot 3 silverstripe/admin 3 prestashop/productcomments 3 illuminate/database 3 uvdesk/community-skeleton 3 sylius/resource-bundle 3 nystudio107/craft-seomatic 3 ibexa/core 3 silverstripe/assets 3 composer/composer 3 twig/twig 3 icecoder/icecoder 3 symfony/security 3 rudloff/alltube 3 shopware/storefront 3 oro/platform 3 silverstripe/graphql 3 facade/ignition 3 limesurvey/limesurvey 3 gilacms/gila 3 symfony/security-bundle 2 shopxo/shopxo 2 getkirby/panel 2 wintercms/winter 2 protobuf 2 github.com/protocolbuffers/protobuf 2 Google.Protobuf 2 com.google.protobuf:protobuf-parent 2 google/protobuf 2 codeigniter4/shield 2 typo3/html-sanitizer 2 badaso/core 2 ether/logs 2 opencart/opencart 2 silverstripe/cms 2 dweeves/magmi 2 appwrite/server-ce 2 ibexa/admin-ui 2 studio-42/elfinder 2 laravel/laravel 2 yoast-seo-for-typo3/yoast_seo 2 exceedone/exment 2 billz/raspap-webgui 2 exceedone/laravel-admin 2 miniorange/miniorange-saml 2 october/october 2 buddypress/buddypress 2 yiisoft/yii2-dev 2 topthink/think 2 ezsystems/ezplatform-rest 2 verot/class.upload.php 2 neos/neos 2 s-cart/s-cart 2 azuracast/azuracast 2 bolt/core 2 erusev/parsedown 2 anchorcms/anchor-cms 2 guzzlehttp/psr7 2 croogo/croogo 2 squizlabs/php_codesniffer 2 ptrofimov/beanstalk_console 2 symfony/framework-bundle 2 modx/revolution 2 latte/latte 2 drupal/drupal 2 oro/commerce 2 processwire/processwire 2 noumo/easyii 2 typo3/cms-backend 2 phpfastcache/phpfastcache 2 october/rain 2 symfony/cache 2 react/http 2 privatebin/privatebin 2 unisharp/laravel-filemanager 2 league/commonmark 2 pixelfed/pixelfed 2 aheinze/cockpit 2 api-platform/core 2 typo3fluid/fluid 2 laminas/laminas-diactoros 2 admidio/admidio 2 packbackbooks/lti-1-3-php-library 2 cuyz/valinor 2 phpseclib/phpseclib 2 yiisoft/yii2-gii 2 codiad/codiad 2 helloxz/imgurl 2 filegator/filegator 2 harvesthq/chosen 1 livehelperchat/livehelperchat 1 contao/managed-edition 1 sitegeist/fluid-components 1 vova07/yii2-fileapi-widget 1 vanilla/safecurl 1 pimcore/perspective-editor 1 xataface/xataface 1 joomla/archive 1 litespeed.js 1 pear/crypt_gpg 1 laravel/fortify 1 sabberworm/php-css-parser 1 web-auth/webauthn-framework 1 personnummer/personnummer 1 ectouch/ectouch 1 php-mod/curl 1 simplesamlphp/simplesamlphp-module-openid 1 userfrosting/userfrosting 1 neorazorx/facturascripts 1 phpmussel/phpmussel 1 Sylius/Sylius 1 sylius/grid-bundle 1 laminas/laminas-form 1 spipu/html2pdf 1 fof/upload 1 matyhtf/framework 1 yiisoft/yii 1 melisplatform/melis-front 1 melisplatform/melis-cms 1 bmarshall511/wordpress_zero_spam 1 statamic/cms 1 yeswiki/yeswiki 1 ibexa/post-install 1 jsdecena/laracom 1 ezsystems/ezpublish-legacy 1 pimcore/data-hub 1 fenom/fenom 1 librenms/librenms/ 1 prestashop/gamification 1 bootstrap-3-typeahead 1 bassjobsen/bootstrap-3-typeahead 1 wpanel/wpanel4-cms 1 webcoast/deferred-image-processing 1 ecodev/newsletter 1 silverstripe/subsites 1 zoujingli/thinkadmin 1 area17/twill 1 genix/cms 1 ibexa/user 1 robrichards/xmlseclibs 1 django-tinymce 1 luyadev/yii-helpers 1 ttskch/pagination-service-provider 1 prestashop/autoupgrade 1 james-heinrich/getid3 1 s-cart/core 1 wp-graphql/wp-graphql 1 hillelcoren/invoice-ninja 1 netgen/tagsbundle 1 gaoming13/wechat-php-sdk 1 innologi/typo3-appointments 1 zendframework/zend-feed 1 silverstripe/versioned-admin 1 DotNetCasClient 1 fixpunkt/fp-newsletter 1 jasig/phpcas 1 fixpunkt/fp-masterquiz 1 org.jasig.cas:cas-client 1 mojo42/jirafeau 1 adodb/adodb-php 1 subrion/cms 1 phpunit/phpunit 1 arc/web 1 brotkrueml/schema 1 brotkrueml/typo3-matomo-integration 1 apereo/phpcas 1 topthink/thinkphp 1 sylius/paypal-plugin 1 krayin/laravel-crm 1 fluidtypo3/vhs 1 flarum/tags 1 symfony/security-guard 1 gos/web-socket-bundle 1 symfont/process 1 shopware/production 1 friendsoftypo3/mediace 1 usmanhalalit/pixie 1 cakephp/database 1 hyn/multi-tenant 1 liftkit/database 1 simplesamlphp/simplesamlphp-module-openidprovider 1 derhansen/fe_change_pwd 1 jackalope/jackalope-doctrine-dbal 1 symfony/mime 1 mittwald/typo3_forum 1 zendframework/zend-http 1 zendframework/zend-diactoros 1 mediawiki/matomo 1 kimai/kimai 1 kitodo/presentation 1 symfony/serializer 1 phpservermon/phpservermon 1 barrelstrength/sprout-base-email 1 contao/contao 1 barrelstrength/sprout-forms 1 doctrine/dbal 1 knplabs/knp-snappy 1 andreapollastri/cipi 1 in2code/lux 1 wp-cli/wp-cli 1 neoan3-apps/template 1 phpmyfaq/phpmyfaq 1 woocommerce/woocommerce 1