Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zope zope vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-4684
The docutils module in Zope (Zope2) 2.7.0 up to and including 2.7.9 and 2.8.0 up to and including 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote malicious users to read arbitrary files via a csv_table directive, a different vulne...
Zope Zope 2.8.0
Zope Zope 2.8.8
Zope Zope 2.7.0
Zope Zope 2.7.6
Zope Zope 2.7.5
Zope Zope 2.7.3
Zope Zope 2.8.5
Zope Zope 2.8.2
Zope Zope 2.8.6
Zope Zope 2.7.4
Zope Zope 2.7.9
Zope Zope 2.8.3
Zope Zope 2.7.1
Zope Zope 2.7.2
Zope Zope 2.8.1
Zope Zope 2.8.4
Zope Zope 2.7.8
Zope Zope 2.7.7
Zope Zope 2.8.7
5
CVSSv2
CVE-2006-1711
Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) changeMemberPortrait, (2) deletePersonalPortrait, and (3) testCurrentPassword methods, which allows remote malicious users to modify portraits.
Plone Plone 2.5 Beta1
Plone Plone 2.1.2
Plone Plone 2.0.5
1 EDB exploit
5
CVSSv2
CVE-2002-0687
The "through the web code" capability for Zope 2.0 up to and including 2.5.1 b1 allows untrusted users to shut down the Zope server via certain headers.
Zope Zope
5
CVSSv2
CVE-2000-1212
Zope 2.2.0 up to and including 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects.
Zope Zope 2.2.0b2
Zope Zope 2.2.1
Zope Zope 2.2.0b4
Zope Zope 2.2.0
Zope Zope 2.2.1b1
Zope Zope 2.2.4
Zope Zope 2.2.2
Zope Zope 2.2.0b1
Zope Zope 2.2.0b3
Zope Zope 2.2.0a1
Zope Zope 2.2.3
4.6
CVSSv2
CVE-2001-0567
Digital Creations Zope 2.3.2 and previous versions allows a local malicious user to gain additional privileges via the changing of ZClass permission mappings for objects and methods in the ZClass.
Zope Zope 7.1
Zope Zope 7.2
4.3
CVSSv2
CVE-2021-33507
Zope Products.CMFCore prior to 2.5.1 and Products.PluggableAuthService prior to 2.6.2, as used in Plone up to and including 5.2.4 and other products, allow Reflected XSS.
Plone Plone
Zope Zope
4.3
CVSSv2
CVE-2013-7062
Multiple cross-site scripting (XSS) vulnerabilities in Zope, as used in Plone 3.3.x up to and including 3.3.6, 4.0.x up to and including 4.0.9, 4.1.x up to and including 4.1.6, 4.2.x up to and including 4.2.7, and 4.3 up to and including 4.3.2, allow remote malicious users to inj...
Plone Plone
4.3
CVSSv2
CVE-2011-4924
Cross-site scripting (XSS) vulnerability in Zope 2.8.x prior to 2.8.12, 2.9.x prior to 2.9.12, 2.10.x prior to 2.10.11, 2.11.x prior to 2.11.6, and 2.12.x prior to 2.12.3, 3.1.1 up to and including 3.4.1. allows remote malicious users to inject arbitrary web script or HTML via ve...
Zope Zope
4.3
CVSSv2
CVE-2009-5145
Cross-site scripting (XSS) vulnerability in ZMI pages that use the manage_tabs_message in Zope 2.11.4, 2.11.2, 2.10.9, 2.10.7, 2.10.6, 2.10.5, 2.10.4, 2.10.2, 2.10.1, 2.12.
Zope Zope 2.10.5
Zope Zope 2.10.7
Zope Zope 2.10.1
Zope Zope 2.12.0
Zope Zope 2.11.2
Zope Zope 2.10.2
Zope Zope 2.10.4
Zope Zope 2.10.6
Zope Zope 2.10.9
Zope Zope 2.11.4
4.3
CVSSv2
CVE-2016-7147
Cross-site scripting (XSS) vulnerability in the manage_findResult component in the search feature in Zope ZMI in Plone prior to 4.3.12 and 5.x prior to 5.0.7 allows remote malicious users to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated ...
Plone Plone 3.3
Plone Plone 4.3.3
Plone Plone 4.3.11
Plone Plone 4.0.5
Plone Plone 4.3.6
Plone Plone 5.0.1
Plone Plone 4.2.3
Plone Plone 5.0.2
Plone Plone 5.0
Plone Plone 4.0.2
Plone Plone 5.0.5
Plone Plone 3.3.5
Plone Plone 4.3.5
Plone Plone 4.3.10
Plone Plone 5.0.3
Plone Plone 4.3
Plone Plone 4.2.2
Plone Plone 4.0.8
Plone Plone 5.0.6
Plone Plone 3.3.4
Plone Plone 4.0.7
Plone Plone 3.3.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »