shenhav12

3 exploits Active since Feb 2024
CVE-2024-22889 NOMISEC HIGH SUSPICIOUS
Plone <6.0.9 - Info Disclosure
Due to incorrect access control in Plone version v6.0.9, remote attackers can view and list all files hosted on the website via sending a crafted request.
CVSS 7.5
CVE-2024-25169 NOMISEC CRITICAL STUB
Mezzanine v6.0.0 - Auth Bypass
An issue in Mezzanine v6.0.0 allows attackers to bypass access control mechanisms in the admin panel via a crafted request.
CVSS 9.8
CVE-2024-25170 NOMISEC CRITICAL STUB
Mezzanine v6.0.0 - CSRF
An issue in Mezzanine v6.0.0 allows attackers to bypass access controls via manipulating the Host header.
CVSS 9.1