RSS   Podatności dla 'Teekai forum'   RSS

2002-12-31
 
CVE-2002-2057

 

 
TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/member_log.txt, which is stored under the web document root with insufficient access control, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'.

 
 
CVE-2002-2056

 

 
Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2 allows remote attackers to inject arbitrary web script or HTML via the valid_username_online cookie.

 
 
CVE-2002-2054

 

 
TeeKai Forum 1.2 allows remote attackers to authenticate as the administrator and and gain privileged web forum access by setting the valid_level cookie to admin.

 

 >>> Vendor: Teekai 2 Produkty
Teekai forum
Teekai tracking online


Copyright 2024, cxsecurity.com

 

Back to Top