Lucene search
K

7 matches found

Github Security Blog
Github Security Blog
added 2022/05/02 4:1 a.m.16 views

Zope Cross-site scripting (XSS) vulnerability in ZMI pages

Cross-site scripting XSS vulnerability in ZMI pages that use the managetabsmessage in Zope 2.11.4, 2.11.2, 2.10.9, 2.10.7, 2.10.6, 2.10.5, 2.10.4, 2.10.2, 2.10.1, 2.12...

6.1CVSS6.2AI score0.02055EPSS
Exploits0References8Affected Software1
RedhatCVE
RedhatCVE
added 2017/08/21 2:48 p.m.23 views

CVE-2009-5145

Cross-site scripting XSS vulnerability in ZMI pages that use the managetabsmessage in Zope 2.11.4, 2.11.2, 2.10.9, 2.10.7, 2.10.6, 2.10.5, 2.10.4, 2.10.2, 2.10.1, 2.12...

6.1CVSS1AI score0.02055EPSS
Exploits0References1
myhack58
myhack58
added 2011/12/23 12:0 a.m.18 views

Plone zope remote command execution vulnerability(python)-bug warning-the black bar safety net

Versions Affected without hotfix: Plone 4.0 through 4.0.9; Plone 4.1; Plone 4.2 a1 and a2; Zope 2.12. x and Zope 2.13. x. Versions Not Affected: Versions of Plone that use Zope other than Zope 2.12. x and Zope 2.13. x. Advisory/Hotfix: http://plone.org/products/plone/security/advisories/20110928...

1.8AI score
Exploits0
exploitpack
exploitpack
added 2011/12/21 12:0 a.m.79 views

Plone and Zope - Remote Command Execution

Plone and Zope - Remote Command Execution Exploit Title: Plone - Remote Command Execution Date: 12/21/2011 Author: Nick Miles www.npenetrable.com Tested on: 12/21/2011 CVE : CVE-2011-3587 Versions Affected without hotfix: Plone 4.0 through 4.0.9; Plone 4.1; Plone 4.2 a1 and a2; Zope 2.12.x and Zo...

9.3CVSS0.78546EPSS
Exploits15
Prion
Prion
added 2011/10/10 10:55 a.m.20 views

Design/Logic Flaw

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p class in OFS/misc.py and the use of Python modules...

9.3CVSS7.7AI score0.78546EPSS
Exploits15References8Affected Software2
UbuntuCve
UbuntuCve
added 2010/03/25 5:30 p.m.28 views

CVE-2010-1104

Cross-site scripting XSS vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages...

4.3CVSS6.5AI score0.0195EPSS
Exploits0References2
Prion
Prion
added 2010/03/25 5:30 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages...

4.3CVSS6AI score0.0195EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder