CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Tenable Nessus•added 2012/09/06 12:0 a.m.•23 views

Mandrake Linux Security Advisory : Zope (MDKSA-2001:025)

A new Hotfix for Zope has been released that fixes a very important security issue that affects all versions of Zope prior to and including 2.3.1b1. Users can use through-the-web scripting capabilities on a Zope site to view and assign class attributes to ZClasses, possibly allowing them to make...

2.1CVSS5.4AI score0.00131EPSS

Exploits0References1

Tenable Nessus•added 2012/09/06 12:0 a.m.•35 views

Mandrake Linux Security Advisory : Zope (MDKSA-2001:049)

Another problem was discovered in Zope that fixes a problem with ZClasses. Any user can visit a ZClass declaration and change the ZClass permission mappings for methods and other objects defined within the ZClass, possibly allowing for unauthorized access within the Zope instance. The Zope Hotfix...

4.6CVSS5.3AI score0.00111EPSS

Exploits0References3

OpenVAS•added 2008/01/17 12:0 a.m.•15 views

Debian Security Advisory DSA 043-1 (zope)

The remote host is missing an update to zope announced via advisory DSA 043-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.1CVSS7.1AI score0.00131EPSS

Exploits0References1

OpenVAS•added 2008/01/17 12:0 a.m.•20 views

Debian Security Advisory DSA 043-1 (zope)

The remote host is missing an update to zope announced via advisory DSA 043-1. OpenVAS Vulnerability Test $Id: deb0431.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 043-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

2.1CVSS0.8AI score0.00131EPSS

Exploits0

Tenable Nessus•added 2004/09/29 12:0 a.m.•26 views

Debian DSA-043-1 : zope

This advisory covers several vulnerabilities in Zope that have been addressed.Hotfix 08092000 'Zope security alert and hotfix product' The issue involves the fact that the getRoles method of user objects contained in the default UserFolder implementation returns a mutable Python type. Because the...

2.1CVSS5.5AI score0.00131EPSS

Exploits0References3

securityvulns•added 2001/10/16 12:0 a.m.•27 views

Дырка в zope :)

Класс DocumentTemplate содержит методы, которые позволяют изменить характеристики класса удаленно через DTML без авторизации. Кроме того проблеммы с классом ZClasses. Часть небезопасных методов могут быть вызваны ограниченным пользователем...

0.6AI score

Exploits0References4Affected Software1

NVD•added 2001/08/22 4:0 a.m.•14 views

CVE-2001-0568

Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker Zope user with through-the-web scripting capabilities to alter ZClasses class attributes...

2.1CVSS5.9AI score0.00111EPSS

Exploits0References5

Cvelist•added 2001/07/27 4:0 a.m.•20 views

CVE-2001-0568

Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker Zope user with through-the-web scripting capabilities to alter ZClasses class attributes...

5.9AI score0.00111EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by