RSS   Vulnerabilities for 'Petitforum'   RSS

2003-12-31
 
CVE-2003-1424

 

 
message.php in Petitforum does not properly authenticate users, which allows remote attackers to impersonate forum users via a modified connect cookie.

 
 
CVE-2003-1423

 

 
Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords.

 


Copyright 2024, cxsecurity.com

 

Back to Top