MidnightBSD

Advisories for petitforum

CVE-2003-1423 MEDIUM

Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
petitforum petitforum *
CVE-2003-1424 MEDIUM

message.php in Petitforum does not properly authenticate users, which allows remote attackers to impersonate forum users via a modified connect cookie.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-255,

Products Affected

Vendor Product Version
petitforum petitforum *