Total vulnerabilities in the database
The registration view (/user/register) in eZ Publish 3.5.6 and earlier, and possibly other versions before 3.9.5, 3.10.1, and 4.0.1, allows remote attackers to gain privileges as other users via modified ContentObjectAttribute_data_user_login_30, ContentObjectAttribute_data_user_password_30, and other parameters.
| Software | From | Fixed in |
|---|---|---|
| ez / ez_publish | 3.6.3 | 3.6.3.x |
| ez / ez_publish | 3.6.1 | 3.6.1.x |
| ez / ez_publish | 3.5.8 | 3.5.8.x |
| ez / ez_publish | 3.6.4 | 3.6.4.x |
| ez / ez_publish | 3.8.8 | 3.8.8.x |
| ez / ez_publish | 3.9.0 | 3.9.0.x |
| ez / ez_publish | 4.0 | 4.0.x |
| ez / ez_publish | 3.7.1 | 3.7.1.x |
| ez / ez_publish | 3.6.0 | 3.6.0.x |
| ez / ez_publish | 3.9.2 | 3.9.2.x |
| ez / ez_publish | 3.10 | 3.10.x |
| ez / ez_publish | 3.4.8 | 3.4.8.x |
| ez / ez_publish | 3.5.7 | 3.5.7.x |
| ez / ez_publish | 3.7.3 | 3.7.3.x |
| ez / ez_publish | 3.5.5 | 3.5.5.x |
| ez / ez_publish | - | 3.5.6.x |
| ez / ez_publish | 3.5.4 | 3.5.4.x |
| ez / ez_publish | 3.8.9 | 3.8.9.x |
| ez / ez_publish | 3.7.2 | 3.7.2.x |
| ez / ez_publish | 3.6.5 | 3.6.5.x |
| ez / ez_publish | 3.9.1 | 3.9.1.x |
| ez / ez_publish | 3.6.2 | 3.6.2.x |
| ez / ez_publish | 3.7.0 | 3.7.0.x |
| ez / ez_publish | 3.9.4 | 3.9.4.x |