Plone Zope SAXutils Command Execution

Added: 01/13/2012 CVE: CVE-2011-3587 BID: 49857 OSVDB: 76105 Background Plone is a free and open source content management system built on top of the Zope application server. Plone can be used for any kind of website, including blogs, internet sites, webshops and internal websites. Problem Plone...

Plone and Zope XMLTools Remote Command Execution

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p class in OFS/misc.py and the use of Python modules. This module requires Metasploit:...