Plone » Plone » 4.1.2 * * * : Security Vulnerabilities (Gain Information)
Cpe Name:
cpe:2.3:a:plone:plone:4.1.2:*:*:*:*:*:*:*
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2017-5524 |
134 |
|
Bypass +Info |
2017-03-23 |
2019-10-03 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method. |
2 |
CVE-2016-4042 |
200 |
|
+Info |
2017-02-24 |
2017-02-27 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Plone 3.3 through 5.1a1 allows remote attackers to obtain information about the ID of sensitive content via unspecified vectors. |
3 |
CVE-2013-7061 |
264 |
|
Bypass +Info |
2014-05-02 |
2014-06-30 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API. |
4 |
CVE-2013-7060 |
200 |
|
+Info |
2014-05-02 |
2014-06-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initialized in class scope. |
Total number of vulnerabilities :
4
Page :
1
(This Page)