Filtered by vendor Plone
Subscriptions
Filtered by product Plone
Subscriptions
Total
104 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2007-5741 | 1 Plone | 1 Plone | 2024-11-21 | N/A |
Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes. | ||||
CVE-2006-4249 | 1 Plone | 1 Plone | 2024-11-21 | N/A |
Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when anonymous member registration is enabled, allows an attacker to "masquerade as a group." | ||||
CVE-2006-4247 | 1 Plone | 1 Plone | 2024-11-21 | N/A |
Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 Release Candidate allows attackers to reset the passwords of other users, related to "an erroneous security declaration." | ||||
CVE-2006-1711 | 1 Plone | 1 Plone | 2024-11-21 | N/A |
Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) changeMemberPortrait, (2) deletePersonalPortrait, and (3) testCurrentPassword methods, which allows remote attackers to modify portraits. |