WEB APPLICATION VULNERABILITIES Standard & Premium

Zope Web Application Server CVE-2011-3587 Vulnerability (CVE-2011-3587)

Description

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.

Remediation

References

Related Vulnerabilities

WordPress Plugin Sendit WP Newsletter SQL Injection (2.5.1)

Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8166)

WordPress Plugin Buddypress Xprofile Custom Fields Type Arbitrary File Deletion (2.6.3)

MySQL CVE-2020-14837 Vulnerability (CVE-2020-14837)

Oracle Database Server CVE-2019-2799 Vulnerability (CVE-2019-2799)

Severity

Critical

Classification

CVE-2011-3587

Tags

Missing Update Known Vulnerabilities