Filtered by vendor Petitforum Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2003-1424 1 Petitforum 1 Petitforum 2024-11-21 N/A
message.php in Petitforum does not properly authenticate users, which allows remote attackers to impersonate forum users via a modified connect cookie.
CVE-2003-1423 4 Linux, Microsoft, Petitforum and 1 more 4 Linux Kernel, All Windows, Petitforum and 1 more 2024-11-21 N/A
Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords.