NotCVE - vendor:"Zope" product:"Zope" version:" <= 2.13.18"

Page 4 of 33 results (0.002 seconds)

CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0

CVE-2000-0725

https://notcve.org/view.php?id=CVE-2000-0725

13 Oct 2000 — Zope before 2.2.1 does not properly restrict access to the getRoles method, which allows users who can edit DTML to add or modify roles by modifying the roles list that is included in a request. • http://archives.neohapsis.com/archives/bugtraq/2000-08/0198.html •

CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0

CVE-2000-0483

https://notcve.org/view.php?id=CVE-2000-0483

15 Jun 2000 — The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocuments or DTMLMethods without authorization. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A38.zope.asc •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2000-0062

https://notcve.org/view.php?id=CVE-2000-0062

04 Jan 2000 — The DTML implementation in the Z Object Publishing Environment (Zope) allows remote attackers to conduct unauthorized activities. • http://www.securityfocus.com/bid/922 •

1 2 3 4