CVE-2021-38345 Brizy <= 1.0.125 and 1.0.127 – 2.3.11 Incorrect authorization checks allowing Post modification

The Brizy Page Builder plugin = 2.3.11 for WordPress used an incorrect authorization check that allowed any logged-in user accessing any endpoint in the wp-admin directory to modify the content of any existing post or page created with the Brizy editor. An identical issue was found by another...

PT News Unauthorized Administrative Access

The remote host is using the PT News management system. There is a flaw in this version which allows anyone to execute arbitrary admnistrative PTnews command on this host such as deleting news or editing a news without having to know the administrator password. An attacker may use this flaw to ed...

Zope < 2.1.7 DocumentTemplate Unauthorized DTML Entity Modification

The remote web server is Zope 2.1.7. There is a security problem in these versions that can allow the contents of DTMLDocuments or DTMLMethods to be changed without forcing proper user authentication. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10447; scriptversion...