LiveActive security incident?Get immediate response
CVE archive

2005 CVE Archive

Browse CVE records published in 2005 CVE Archive, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 4627 matching CVEs · Page 2 of 93.

Unknown · CVSS Not scored

CVE-2005-4855: Unrestricted file upload vulnerability in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc...

Unrestricted file upload vulnerability in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050922 does not restrict Image datatype uploads to image content types, which allows remote authenticated users to upload certain types of files, as demonstrated by .js files, which may enable cross-site scripting (XSS) attacks or other attacks.

Published Jul 6, 2007 · Updated Sep 17, 2024