Cahier De Textes : Security Vulnerabilities, CVEs, CVSS score >= 5
administration/index.php in Cahier de texte (CDT) 2.2 does not properly exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions.
Max CVSS
7.5
EPSS Score
3.22%
Published
2006-12-31
Updated
2018-10-17
Cahier de texte 2.0 stores sensitive information under the web root, possibly with insufficient access control, which might allow remote attackers to obtain all users' passwords via a direct request for administration/dump.sql.
Max CVSS
5.0
EPSS Score
0.75%
Published
2006-12-04
Updated
2018-10-17
Multiple SQL injection vulnerabilities in Cahier de texte 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) matiere_ID parameter in lire.php or the (2) classe_ID parameter in lire_a_faire.php.
Max CVSS
7.5
EPSS Score
0.33%
Published
2006-10-10
Updated
2018-10-17
3 vulnerabilities found