Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
plone plone 3.0.2 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-4571
Cross-site scripting (XSS) vulnerability in the LiveSearch module in Plone prior to 3.0.4 allows remote malicious users to inject arbitrary web script or HTML via the Description field for search results, as demonstrated using the onerror Javascript even in an IMG tag.
Plone Plone 2.5.1
Plone Plone 2.5 Beta1
Plone Plone 2.0.5
Plone Plone 3.0
Plone Plone 2.5
Plone Plone 2.1.2
Plone Plone 2.5.4
Plone Plone 2.5.1 Rc
Plone Plone 3.0.1
Plone Plone 3.0.2
Plone Plone
4
CVSSv2
CVE-2013-4192
sendto.py in Plone 2.1 up to and including 4.1, 4.2.x up to and including 4.2.5, and 4.3.x up to and including 4.3.1 allows remote authenticated users to spoof emails via unspecified vectors.
Plone Plone 4.0.4
Plone Plone 4.0.6.1
Plone Plone 3.0.5
Plone Plone 3.1
Plone Plone 3.1.5.1
Plone Plone 3.1.7
Plone Plone 3.2.1
Plone Plone 3.3.2
Plone Plone 3.3.4
Plone Plone 2.5.5
Plone Plone 2.1.1
Plone Plone 3.0
Plone Plone 3.0.1
Plone Plone 3.0.2
Plone Plone 3.0.3
Plone Plone 3.2.2
Plone Plone 3.2.3
Plone Plone 3.3
Plone Plone 3.3.1
Plone Plone 2.1.2
Plone Plone 2.1.3
Plone Plone 2.1.4
4
CVSSv2
CVE-2013-4198
mail_password.py in Plone 2.1 up to and including 4.1, 4.2.x up to and including 4.2.5, and 4.3.x up to and including 4.3.1 allows remote authenticated users to bypass the prohibition on password changes via the forgotten password email functionality.
Plone Plone 3.0.4
Plone Plone 3.0.5
Plone Plone 3.0.6
Plone Plone 3.1
Plone Plone 3.3.2
Plone Plone 3.3.3
Plone Plone 3.3.4
Plone Plone 3.3.5
Plone Plone 4.0.4
Plone Plone 4.0.5
Plone Plone 4.0.6.1
Plone Plone 4.1
Plone Plone 3.1.6
Plone Plone 3.1.7
Plone Plone 3.2
Plone Plone 3.2.1
Plone Plone 2.5.4
Plone Plone 2.5.5
Plone Plone 2.1
Plone Plone 2.1.1
Plone Plone 4.0
Plone Plone 4.0.2
3.5
CVSSv2
CVE-2012-5502
Cross-site scripting (XSS) vulnerability in safe_html.py in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote authenticated users with permissions to edit content to inject arbitrary web script or HTML via unspecified vectors.
Plone Plone 4.1.6
Plone Plone 4.1.5
Plone Plone 4.1.4
Plone Plone 4.1
Plone Plone 3.2.3
Plone Plone 3.2.2
Plone Plone 3.2.1
Plone Plone 3.2
Plone Plone 3.0.1
Plone Plone 3.0
Plone Plone 2.5.5
Plone Plone 2.5.4
Plone Plone 2.0.2
Plone Plone 2.0.1
Plone Plone 2.0
Plone Plone 1.0.6
Plone Plone 1.0.5
Plone Plone 4.2.0.1
Plone Plone 4.2
Plone Plone 4.0.1
Plone Plone 4.0
Plone Plone 3.3.5
3.5
CVSSv2
CVE-2013-4199
(1) cb_decode.py and (2) linkintegrity.py in Plone 2.1 up to and including 4.1, 4.2.x up to and including 4.2.5, and 4.3.x up to and including 4.3.1 allow remote authenticated users to cause a denial of service (resource consumption) via a large zip archive, which is expanded (de...
Plone Plone 4.2
Plone Plone 4.2.1
Plone Plone 4.2.2
Plone Plone 4.2.4
Plone Plone 4.2.3
Plone Plone 4.2.5
Plone Plone 4.3
Plone Plone 4.3.1
Plone Plone 4.0.6.1
Plone Plone 4.1
Plone Plone 3.0
Plone Plone 3.0.1
Plone Plone 3.1.7
Plone Plone 3.2
Plone Plone 3.2.1
Plone Plone 3.2.2
Plone Plone 3.2.3
Plone Plone 2.1
Plone Plone 2.1.1
Plone Plone 2.1.2
Plone Plone 2.1.3
Plone Plone 4.0.1
3.5
CVSSv2
CVE-2011-1949
Cross-site scripting (XSS) vulnerability in the safe_html filter in Products.PortalTransforms in Plone 2.1 up to and including 4.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-2422.
Plone Plone 2.1.2
Plone Plone 2.5.2
Plone Plone 2.5.3
Plone Plone 3.1.6
Plone Plone 3.1.5.1
Plone Plone 3.3.1
Plone Plone 3.3
Plone Plone 3.3.3
Plone Plone 3.3.4
Plone Plone 2.5.4
Plone Plone 4.0.4
Plone Plone 4.0.5
Plone Plone 2.1.4
Plone Plone 2.1.3
Plone Plone 3.0
Plone Plone 3.0.1
Plone Plone 3.0.2
Plone Plone 3.1.4
Plone Plone 3.1.3
Plone Plone 3.2.3
Plone Plone 3.2.2
Plone Plone 2.5.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5