Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-0065

Malware in sbrugna...

5CVSS6.3AI score0.014EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2022/05/17 4:32 a.m.23 views

Plone Cross-site scripting Vulnerability

Cross-site scripting XSS vulnerability in pythonscripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to "u,translate."...

4.3CVSS6AI score0.01187EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2022/05/17 4:32 a.m.14 views

GHSA-CQ5G-924M-7FXH Plone Information Disclosure

atat.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read private data structures via a request for a view without a name...

8.7CVSS6.2AI score0.014EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2018/07/23 7:52 p.m.30 views

Plone allows remote attackers to read hidden folder contents

ftp.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read hidden folder contents via unspecified vectors...

5CVSS6.2AI score0.014EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2014/09/30 2:55 p.m.12 views

PYSEC-2014-45

ftp.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read hidden folder contents via unspecified vectors...

5CVSS6.9AI score0.014EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2014/09/30 2:55 p.m.14 views

Code injection

membershiptool.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to enumerate user account names via a crafted URL...

5CVSS6.8AI score0.02118EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2014/09/30 2:55 p.m.21 views

Cross site request forgery (csrf)

atat.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read private data structures via a request for a view without a name...

5CVSS7AI score0.014EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2014/09/30 2:55 p.m.6 views

PYSEC-2014-27

registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface...

6.8CVSS7.5AI score0.02066EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2014/09/30 2:55 p.m.9 views

PYSEC-2014-33

z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and the element id...

4.3CVSS6.9AI score0.01231EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2014/09/30 2:55 p.m.33 views

PYSEC-2014-44

Cross-site scripting XSS vulnerability in safehtml.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with permissions to edit content to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS3.2AI score0.00967EPSS
Exploits0References5
OSV
OSV
added 2014/09/30 2:55 p.m.19 views

PYSEC-2014-47

atat.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read private data structures via a request for a view without a name...

5CVSS5.5AI score0.014EPSS
Exploits0References5
CVE
CVE
added 2014/09/30 2:0 p.m.91 views

CVE-2012-5486

CVE-2012-5486 - HP: ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19 (used in Plone before 4.3 beta 1) allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character. Affected components: Zope 2 series up to 2.13.18; Plone deployments including the Plone before...

6.4CVSS6.4AI score0.02479EPSS
Exploits0References5Affected Software1
seebug.org
seebug.org
added 2006/10/24 12:0 a.m.32 views

BSD (telnetd) Remote Root Exploit

No description provided by source. / 7350854 - x86/bsd telnetd remote root exploit TESO CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source code of TESO Security. The contents of these coded instructions, statements and computer programs may not be disclosed to third parties,...

7.1AI score
Exploits0
Rows per page
Query Builder