CVE-2007-4494

N/A Unknown
Published: August 23, 2007 Modified: April 23, 2026
View on NVD

Description

The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9.3, does not limit access by anonymous users, which allows remote attackers to conduct spam attacks.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://ez.no/community/news/ez_publish_security_fixes_3_9_3_and_3_8_9
Source: cve@mitre.org
http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_8_8_to_3_8_9
Source: cve@mitre.org
http://ez.no/download/ez_publish/changelogs/ez_publish_3_9/changelog_3_9_2_to_3_9_3
Source: cve@mitre.org
Patch
http://osvdb.org/40325
Source: cve@mitre.org
http://secunia.com/advisories/26686
Source: cve@mitre.org
http://www.securityfocus.com/bid/25538
Source: cve@mitre.org
http://ez.no/community/news/ez_publish_security_fixes_3_9_3_and_3_8_9
Source: af854a3a-2127-422b-91ae-364da2661108
http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_8_8_to_3_8_9
Source: af854a3a-2127-422b-91ae-364da2661108
http://ez.no/download/ez_publish/changelogs/ez_publish_3_9/changelog_3_9_2_to_3_9_3
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://osvdb.org/40325
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/26686
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/25538
Source: af854a3a-2127-422b-91ae-364da2661108

12 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
1.2%
79th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

ez