CVE-2003-0626
https://notcve.org/view.php?id=CVE-2003-0626
psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2) footername arguments. • http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0042.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/013652.html http://www.auscert.org.au/render.html?it=3610 http://www.secunia.com/advisories/10225 http://www.securityfocus.com/bid/9037 https://exchange.xforce.ibmcloud.com/vulnerabilities/13754 •
CVE-2003-0841
https://notcve.org/view.php?id=CVE-2003-0841
The grid option in PeopleSoft 8.42 stores temporary .xls files in guessable directories under the web document root, which allows remote attackers to steal search results by directly accessing the files via a URL request. La opción de rejilla en PeopleSoft 8.42 almacena ficheros .xls temporales en directorios predecibles bajo la raíz de documentos web, lo que permite a atacantes remotos robar resultados de búsquedas accediendo directamente a ellos mediante una petición URL. • http://marc.info/?l=bugtraq&m=106554919000847&w=2 •