CVE-2007-5486
CVE-2007-5486 affects dotProject before version 2.1, where the Companies module does not properly enforce privileges. This allows remote attackers to access the Companies module via a crafted URL. The issue is a privilege-check vulnerability leading to unauthorized access (partial confidentiality...