CVSS: 7.5EPSS: 1%CPEs: 8EXPL: 0CVE-2007-5741
https://notcve.org/view.php?id=CVE-2007-5741
Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes. Plone 2.5 hasta 2.5.4 y 3.0 hasta 3.0.2 permite a atacantes remotos ejecutar código Python de su elección mediante información de red que contiene objetos "serializados" (pickled) para los módulos (1) statusmessages o (2) linkintegrity, los cuales son "deserializados" (unpickled) y ejecutados. • http://osvdb.org/42071 http://osvdb.org/42072 http://plone.org/about/security/advisories/cve-2007-5741 http://secunia.com/advisories/27530 http://secunia.com/advisories/27559 http://www.debian.org/security/2007/dsa-1405 http://www.securityfocus.com/archive/1/483343/100/0/threaded http://www.securityfocus.com/bid/26354 http://www.vupen.com/english/advisories/2007/3754 https://exchange.xforce.ibmcloud.com/vulnerabilities/38288 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.0EPSS: 14%CPEs: 3EXPL: 1CVE-2006-1711 – Plone 2.x - MembershipTool Access Control Bypass
https://notcve.org/view.php?id=CVE-2006-1711
Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) changeMemberPortrait, (2) deletePersonalPortrait, and (3) testCurrentPassword methods, which allows remote attackers to modify portraits. • https://www.exploit-db.com/exploits/27630 http://dev.plone.org/plone/ticket/5432 http://secunia.com/advisories/19633 http://secunia.com/advisories/19640 http://www.debian.org/security/2006/dsa-1032 http://www.securityfocus.com/bid/17484 http://www.vupen.com/english/advisories/2006/1340 https://exchange.xforce.ibmcloud.com/vulnerabilities/25781 https://svn.plone.org/svn/plone/PloneHotfix20060410/trunk/README.txt •