Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-0067

Malware in sbrugna...

4.3CVSS6.2AI score0.00933EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2001-0560

Malware in sbrugna...

2.1CVSS6.3AI score0.00382EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-0069

Malware in sbrugna...

5CVSS6.1AI score0.02337EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2001-1259

Malware in sbrugna...

7.5CVSS6.4AI score0.01396EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 4:28 a.m.7 views

CVE-2023-44389

Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface ZMI. All versions of Zope 4 and Zope 5 are affected. Patches will be released wit...

4.8CVSS6.9AI score0.00404EPSS
Exploits0
OSV
OSV
added 2022/05/02 4:1 a.m.7 views

GHSA-5R4X-QC7Q-VJ27 Zope Cross-site scripting (XSS) vulnerability in ZMI pages

Cross-site scripting XSS vulnerability in ZMI pages that use the managetabsmessage in Zope 2.11.4, 2.11.2, 2.10.9, 2.10.7, 2.10.6, 2.10.5, 2.10.4, 2.10.2, 2.10.1, 2.12...

6.1CVSS6AI score0.02055EPSS
Exploits0References8
OSV
OSV
added 2022/05/01 7:9 a.m.7 views

GHSA-JCJP-QQPQ-PC54 Zope allows local users to read arbitrary files

Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 Zope2 does not disable the "raw" command when providing untrusted users with restructured text reStructuredText functionality from docutils, which allows local users to read arbitrary files...

2.1CVSS6.1AI score0.00422EPSS
Exploits0References8
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.24 views

CVE-2002-0687

The "through the web code" capability for Zope 2.0 through 2.5.1 b1 allows untrusted users to shut down the Zope server via certain headers...

6.5AI score0.01467EPSS
Exploits0References5
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.22 views

CVE-2001-1227

Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags...

6.6AI score0.01419EPSS
Exploits0References5
NVD
NVD
added 2001/10/10 4:0 a.m.16 views

CVE-2001-1278

Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags...

7.5CVSS6.6AI score0.01396EPSS
Exploits0References3
NVD
NVD
added 2001/10/10 4:0 a.m.19 views

CVE-2001-1227

Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags...

7.5CVSS6.6AI score0.01419EPSS
Exploits0References5
NVD
NVD
added 2000/12/18 5:0 a.m.18 views

CVE-2000-1212

Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects...

5CVSS6.3AI score0.0153EPSS
Exploits0References7
NVD
NVD
added 2000/10/20 4:0 a.m.16 views

CVE-2000-0725

Zope before 2.2.1 does not properly restrict access to the getRoles method, which allows users who can edit DTML to add or modify roles by modifying the roles list that is included in a request...

7.2CVSS6.5AI score0.00467EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2000/06/22 12:0 a.m.28 views

Zope < 2.1.7 DocumentTemplate Unauthorized DTML Entity Modification

The remote web server is Zope 2.1.7. There is a security problem in these versions that can allow the contents of DTMLDocuments or DTMLMethods to be changed without forcing proper user authentication. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10447; scriptversion...

7.5CVSS5.5AI score0.02944EPSS
Exploits0References3
Rows per page
Query Builder