Filtered by vendor Plone Subscriptions
Filtered by product Plone Subscriptions
Total 104 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2007-5741 1 Plone 1 Plone 2024-11-21 N/A
Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes.
CVE-2006-4249 1 Plone 1 Plone 2024-11-21 N/A
Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when anonymous member registration is enabled, allows an attacker to "masquerade as a group."
CVE-2006-4247 1 Plone 1 Plone 2024-11-21 N/A
Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 Release Candidate allows attackers to reset the passwords of other users, related to "an erroneous security declaration."
CVE-2006-1711 1 Plone 1 Plone 2024-11-21 N/A
Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) changeMemberPortrait, (2) deletePersonalPortrait, and (3) testCurrentPassword methods, which allows remote attackers to modify portraits.