16 matches found
EUVD-2020-22877
Malware in sbrugna...
CVE-2024-23756
The HTTP PUT and DELETE methods are enabled in the Plone official Docker version 5.2.13 5221, allowing unauthenticated attackers to execute dangerous actions such as uploading files to the server or deleting them...
CVE-2024-23054
An issue in Plone Docker Official Image 5.2.13 5221 open-source software that could allow for remote code execution due to a package listed in ++plone++static/components not existing in the public package index npm...
CVE-2024-23055
An issue in Plone Docker Official Image 5.2.13 5221 open-source software allows for remote code execution via improper validation of input by the HOST headers...
CVE-2020-35190
The official plone Docker images before version of 4.3.18-alpine Alpine specific contain a blank password for a root user. System using the plone docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password...
The vulnerability of the official interface for developing container applications in Plone Docker allows a hacker to gain access to modify or delete files.
The vulnerability of the official Plone Docker image for container applications lies in the absence of a mechanism to prevent unintended modifications to resources during request processing. Exploiting this vulnerability could allow an attacker to gain access to modify or delete files using PUT a...
CVE-2024-23756
The HTTP PUT and DELETE methods are enabled in the Plone official Docker version 5.2.13 5221, allowing unauthenticated attackers to execute dangerous actions such as uploading files to the server or deleting them...
CVE-2024-23054
An issue in Plone Docker Official Image 5.2.13 5221 open-source software that could allow for remote code execution due to a package listed in ++plone++static/components not existing in the public package index npm...
CVE-2024-23054
An issue in Plone Docker Official Image 5.2.13 5221 open-source software that could allow for remote code execution due to a package listed in ++plone++static/components not existing in the public package index npm...
CVE-2024-23054
An issue in Plone Docker Official Image 5.2.13 5221 open-source software that could allow for remote code execution due to a package listed in ++plone++static/components not existing in the public package index npm...
CVE-2024-23054
An issue in Plone Docker Official Image 5.2.13 5221 open-source software that could allow for remote code execution due to a package listed in ++plone++static/components not existing in the public package index npm...
PT-2024-19647 · Plone · Plone
Name of the Vulnerable Software and Affected Versions: Plone Docker Official Image version 5.2.13 5221 Description: An issue in the Plone Docker Official Image open-source software could allow for remote code execution due to a package listed in ++plone++static/components not existing in the publ...
The vulnerability of the official interface for developing container applications in Plone Docker exists due to the lack of measures to neutralize special elements. This allows a hacker to execute arbitrary code.
The vulnerability of the official Plone Docker image exists because measures to neutralize special elements have not been taken. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by injecting code into the HOST header...
Remote code execution
An issue in Plone Docker Official Image 5.2.13 5221 open-source software allows for remote code execution via improper validation of input by the HOST headers...
CVE-2024-23055
An issue in Plone Docker Official Image 5.2.13 5221 open-source software allows for remote code execution via improper validation of input by the HOST headers...
CVE-2024-23055
An issue in Plone Docker Official Image 5.2.13 5221 open-source software allows for remote code execution via improper validation of input by the HOST headers...