Produkt Petitforum (...) - CVEMAP.ORG

Podatności dla 'Petitforum'

2003-12-31

CVE-2003-1424

message.php in Petitforum does not properly authenticate users, which allows remote attackers to impersonate forum users via a modified connect cookie.

CVE-2003-1423

Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords.

Copyright 2024, cxsecurity.com