CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2003-1424
https://notcve.org/view.php?id=CVE-2003-1424
message.php in Petitforum does not properly authenticate users, which allows remote attackers to impersonate forum users via a modified connect cookie. • http://securitytracker.com/id?1006117 https://exchange.xforce.ibmcloud.com/vulnerabilities/11359 • CWE-255: Credentials Management Errors •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 1CVE-2003-1423
https://notcve.org/view.php?id=CVE-2003-1423
Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords. • http://securitytracker.com/id?1006117 https://exchange.xforce.ibmcloud.com/vulnerabilities/11358 • CWE-264: Permissions, Privileges, and Access Controls •