In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Improper Control of Generation of Code ('Code Injection') vulnerabilities in an interactive lesson.
Start learningUpgrade ezsystems/ezpublish-legacy
to version 5.4.14.2, 2017.12.7.3, 2019.3.5.1 or higher.
ezsystems/ezpublish-legacy is a professional PHP application framework with advanced CMS functionality.
Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') via discount rules. This would require backend access and permission to edit discount rules.