Vulnerabilities (CVE)

Filtered by vendor Petitforum Subscribe
Filtered by product Petitforum
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-1424 1 Petitforum 1 Petitforum 2024-11-20 6.8 MEDIUM N/A
message.php in Petitforum does not properly authenticate users, which allows remote attackers to impersonate forum users via a modified connect cookie.
CVE-2003-1423 4 Linux, Microsoft, Petitforum and 1 more 4 Linux Kernel, All Windows, Petitforum and 1 more 2024-11-20 5.0 MEDIUM N/A
Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords.