Showing 1 - 25 of 51

Files

Zope 5.9 Command Injection
Posted May 15, 2024
Authored by Ilyase Dehy, Aymane MAZGUITI

Zope version 5.9 suffers from a command injection vulnerability in /utilities/mkwsgiinstance.py.

tags | exploit
advisories | CVE-2024-33828
SHA-256 | 1849107b888555128ddb84f1932e592e1a6cec7bad8f090a967908069ab52d02

Related Files

Zope Management Interface 4.3.7 Cross Site Request Forgery
Posted Oct 7, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Zope Management Interface version 4.3.7 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-7293
SHA-256 | 4a44c59001f1f7565864d480e019a3a4fd024ae8fa91414db943f1b82c6bccf1
Plone and Zope Remote CMD Injection Exploit
Posted Dec 28, 2011
Authored by TecR0c, Nick Miles, Plone Security team | Site metasploit.com

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.

tags | exploit, remote, arbitrary, python
advisories | CVE-2011-3587
SHA-256 | d488e05390fc02274354b9eb2deb35cb28a9702082aeccf1b3d64435758ea353
Plone / Zope Remote Command Execution
Posted Dec 21, 2011
Authored by Nick Miles | Site npenetrable.com

Proof of concept code that demonstrates a remote command execution in Plone versions 4.0 through 4.0.9, 4.1, 4.2 (a1 and a2) and Zope versions 2.12.x and 2.13.x.

tags | exploit, remote, proof of concept
advisories | CVE-2011-3587
SHA-256 | 233198580f60b5c19807e7dc79ce1f1aaf6a9b1290ddd21adb2e624fea5f177d
Secunia Security Advisory 46221
Posted Oct 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Zope, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | d7823f7eea31537f673578cc2f74c324b088a02eb28f5097d6fef071b2212e9a
Secunia Security Advisory 46586
Posted Oct 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in Zope.

tags | advisory
SHA-256 | c609791f3b03f08e437a5ee9baf757c49fff113a56b3a66e15af0c84394d5298
Mandriva Linux Security Advisory 2011-153
Posted Oct 17, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-153 - The LZW decompressor in the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to and CVE-2011-2896. The updated packages have been patched to correct this issue.

tags | advisory, overflow, arbitrary
systems | linux, netbsd, freebsd, openbsd, mandriva
advisories | CVE-2011-2895
SHA-256 | 74b02a4d1cc9f234803f357f47342c8c7e438ae30758ff5024405fab894f950a
Secunia Security Advisory 45056
Posted Jun 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Zope, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | 2cf783ba29a7d86e8b9d002d0d33dcae5d1f042e12846c6af8eb6100c8477d22
Secunia Security Advisory 44764
Posted May 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Zope, which can be exploited by malicious users to manipulate certain data and cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 8c0f0f9a295800c05bdf3c868baee282968f1f8156cbc420c3f242935911933b
Secunia Security Advisory 41755
Posted Oct 11, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Zope Object Database, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 16d8526e526f9b5bff0e2a24f55e524a7cfc33555843b58ca7d5da787161c5c6
Secunia Security Advisory 41267
Posted Sep 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Zope, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 69bbfe266b53d0ab927418d290bb66903c0814bdfd7419c3a87635768b194a48
Debian Linux Security Advisory 2096-1
Posted Aug 26, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2096-1 - Jeremy James discovered that in zope-ldapuserfolder, a Zope extension used to authenticate against an LDAP server, the authentication code does not verify the password provided for the emergency user. Malicious users that manage to get the emergency user login can use this flaw to gain administrative access to the Zope instance, by providing an arbitrary password.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2010-2944
SHA-256 | a78f393d182db7f8affd9dead5ad66efec31e5bb7de574df24217170e7a1ed02
Secunia Security Advisory 41054
Posted Aug 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for zope-ldapuserfolder. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, debian
SHA-256 | 7fbf3370a2807b9244a93ec173dac1230de97dbb923d26e9722e5ac76faa6e97
Secunia Security Advisory 41022
Posted Aug 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the LDAPUserFolder product for Zope, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 71f92a74fa1afbc5537b23f2800953ebf07dcfcc0ca8840c1247aa3410edb90d
Secunia Security Advisory 38007
Posted Jan 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Zope, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 37650e5f07ee0f812d9780681b7a69b98ac2e03294bc6ad2250ecfd9aaccb41b
Ubuntu Security Notice 848-1
Posted Oct 15, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 848-1 - It was discovered that the Zope Object Database (ZODB) database server (ZEO) improperly filtered certain commands when a database is shared among multiple applications or application instances. A remote attacker could send malicious commands to the server and execute arbitrary code. It was discovered that the Zope Object Database (ZODB) database server (ZEO) did not handle authentication properly when a database is shared among multiple applications or application instances. A remote attacker could use this flaw to bypass security restrictions. It was discovered that Zope did not limit the number of new object ids a client could request. A remote attacker could use this flaw to consume a huge amount of resources, leading to a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-0668, CVE-2009-0669
SHA-256 | d0add9cad39c4f99da2ff36804eb791b22674b0688b5457ef291a078ea032baa
Secunia Security Advisory 36637
Posted Sep 9, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Zope Object Database, which can be exploited by malicious users to disclose potentially sensitive information or delete certain files.

tags | advisory
SHA-256 | 3ad30de42291fe932f9d6d50856a8d9dd4013c75de36f5812b7a6984d6322f53
Secunia Security Advisory 36324
Posted Aug 18, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued updates for zope2.10 and zope2.9. These fix some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | 3fdb61f8d51f81318609c5de56048495e7c52af0ab4d4f485569916a8a95d1ff
Debian Linux Security Advisory 1863-1
Posted Aug 17, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1863-1 - Several remote vulnerabilities have been discovered in Zope, a feature-rich web application server written in Python, that could lead to arbitrary code execution in the worst case.

tags | advisory, remote, web, arbitrary, vulnerability, code execution, python
systems | linux, debian
advisories | CVE-2009-0668, CVE-2009-0669
SHA-256 | 9b50510b177e062943b28811c9b6700a49751d2e9d25c506bfa91c5bd4ee2182
Secunia Security Advisory 36205
Posted Aug 10, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Zope, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 76a64c56b044ae88e93d63c6720bcc19459c9952c083f7937d6c49e331700b27
Secunia Security Advisory 36204
Posted Aug 10, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Zope Object Database (ZODB), which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | f524cca9e53b77fc859b6c094a82c170a0a9ca30c6187dbf950aa490966982e8
Secunia Security Advisory 27559
Posted Nov 16, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for zope-cmfplone. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | 376557c77bbb66154df16a680a576333870344cab046cf83ecfa4511c0ca93de
Debian Linux Security Advisory 1405-2
Posted Nov 13, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1405-2 - The zope-cmfplone update in DSA 1405 introduced a regression. This update corrects this flaw.

tags | advisory
systems | linux, debian
advisories | CVE-2007-5741
SHA-256 | ddc8f5f88eaa01e22eab6126f2db39030335bd7cbeb0ff18da4430ea7846a392
Secunia Security Advisory 24713
Posted Apr 5, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for zope2.7. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
systems | linux, debian
SHA-256 | a0b6c68dd574ec5493be0859d42a768fcd489e15245e0ed7cd712af8260f971a
Debian Linux Security Advisory 1275-1
Posted Apr 4, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1275-1 - A cross-site scripting vulnerability in zope, a web application server, could allow an attacker to inject arbitrary HTML and/or JavaScript into the victim's web browser. This code would run within the security context of the web browser, potentially allowing the attacker to access private data such as authentication cookies, or to affect the rendering or behavior of zope web pages.

tags | advisory, web, arbitrary, javascript, xss
systems | linux, debian
advisories | CVE-2007-0240
SHA-256 | 4eeab3b990fa51069d157fd349284b5198861d20377c63fa5881436aac6405e3
Secunia Security Advisory 24017
Posted Mar 22, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Zope, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
SHA-256 | bf6f0520beea0f9626d0bc42ee8e732caab6d0c0e42258349b948438d73b4448