Lucene search
GoogleOSV:PYSEC-2017-58HistoryMar 07, 2017 - 4:59 p.m.
PYSEC-2017-58
2017-03-0716:59:00
Google
osv.dev
15
EPSS
0.002
Percentile
55.5%
Directory traversal vulnerability in Plone CMS 5.x through 5.0.6 and 4.2.x through 4.3.11 allows remote administrators to read arbitrary files via a … (dot dot) in the path parameter in a getFile action to Plone/++theme++barceloneta/@@plone.resourceeditor.filemanager-actions.
References
packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
seclists.org/fulldisclosure/2016/Oct/80
www.openwall.com/lists/oss-security/2016/09/05/4
www.openwall.com/lists/oss-security/2016/09/05/5
www.securityfocus.com/archive/1/539572/100/0/threaded
www.securityfocus.com/bid/92752
plone.org/security/hotfix/20160830/filesystem-information-leak
Related
cve
cve
CVE-2016-7135
2017-03-07 16:59:00
redhatcve
redhatcve
CVE-2016-7135
2016-09-06 08:18:42
cvelist
cvelist
CVE-2016-7135
2017-03-07 16:00:00
nvd
nvd
CVE-2016-7135
2017-03-07 16:59:00
github
github
Plone vulnerable to filesystem information leak
2022-05-14 02:46:12
prion
prion
Directory traversal
2017-03-07 16:59:00
osv
osv
CVE-2016-7135
2017-03-07 16:59:00
packetstorm
packetstorm
Plone CMS 4.3.11 / 5.0.6 XSS / Traversal / Open Redirection
2016-10-12 00:00:00
openvas
openvas
Plone CMS < 4.3.12, 5.x < 5.0.7 Multiple Vulnerabilities
2016-10-31 00:00:00
nessus
nessus
RHEL 5 : conga (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 5 : plone (Unpatched Vulnerability)
2024-05-11 00:00:00