4 matches found
EUVD-2007-5461
Malware in sbrugna...
Information disclosure
dotProject before 2.1 does not properly check privileges when invoking the Companies module, which allows remote attackers to access this module via a crafted URL. NOTE: some of these details are obtained from third party information...
CVE-2007-5486
dotProject before 2.1 does not properly check privileges when invoking the Companies module, which allows remote attackers to access this module via a crafted URL. NOTE: some of these details are obtained from third party information...
CVE-2007-5486
CVE-2007-5486 affects dotProject before version 2.1, where the Companies module does not properly enforce privileges. This allows remote attackers to access the Companies module via a crafted URL. The issue is a privilege-check vulnerability leading to unauthorized access (partial confidentiality...