Description

Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors.

Remediation

References

CVE-2011-0720

Related Vulnerabilities

WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.25)

WordPress URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-10100)

phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4825)

WordPress Plugin DP Thumbnail TimThumb Arbitrary File Upload (1.0)

WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.5.32.7212)

Severity

High

Classification

CVE-2011-0720

Tags

Missing Update Known Vulnerabilities