Pdfdirectory Pdfdirectory : Security vulnerabilities, CVEs

Copy

CVE-2006-0314

PDFdirectory before 1.0 stores sensitive data in plaintext, which allows remote attackers to obtain arbitrary users' passwords by direct queries to the database, possibly via one of the SQL injection vulnerabilities.

Max CVSS

7.5

EPSS Score

0.12%

Published

2006-01-19

Updated

2011-03-08

CVE-2006-0313

Multiple SQL injection vulnerabilities in PDFdirectory before 1.0 allow remote attackers to execute arbitrary SQL commands via multiple unspecified vectors involving (1) util.php, (2) userpref.php, (3) user.php, (4) uploadfrm.php, (5) title.php, (6) team.php, (7) stats.php, (8) page.php, (9) org.php, (10) member.php, (11) index.php, (12) group.php, or (13) anniv.php.

Max CVSS

7.5

EPSS Score

0.57%

Published

2006-01-19

Updated

2011-03-08

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!