Lucene search
K
Michael DeanDouble Choco Latte

5 matches found

CVE
CVE
added 2003/04/02 5:0 a.m.53 views

CVE-2002-1039

The vulnerability CVE-2002-1039 affects Double Choco Latte (DCL) prior to 20020706. A directory traversal in the Projects: Attachments feature lets remote attackers read arbitrary files by manipulating .. sequences during file download. The impact is described as partial confidentiality loss. No ...

5CVSS6.7AI score0.01871EPSS
CVE
CVE
added 2005/03/26 5:0 a.m.44 views

CVE-2005-0887

The CVE-2005-0887 issue affects Double Choco Latte prior to 0.9.4.3. Root cause: eval() executed with user-supplied input via the menuAction variable in functions.inc.php or main.php, enabling remote arbitrary PHP code execution. Impact: partial confidentiality, integrity, and availability depend...

7.5CVSS7.8AI score0.02737EPSS
CVE
CVE
added 2005/03/26 5:0 a.m.39 views

CVE-2005-0888

The vulnerability CVE-2005-0888 affects Double Choco Latte 0.9.4.3, where two XSS flaws exist in functions.inc.php allowing remote attackers to inject arbitrary script or HTML via the (1) class or (2) method name. The issue arises from improper handling of input parameters in those functions, lea...

4.3CVSS5.8AI score0.0121EPSS
CVE
CVE
added 2002/08/31 4:0 a.m.38 views

CVE-2002-1037

CVE-2002-1037 describes a cross-site scripting vulnerability in Double Choco Latte (DCL) prior to 20020706. The issue allows remote attackers to inject arbitrary HTML, including script, into web pages via seven features: Ticket# Find, Priorities, Severities, Projects, WO# Find, Departments, and U...

5CVSS6.4AI score0.01864EPSS
CVE
CVE
added 2002/08/31 4:0 a.m.35 views

CVE-2002-1038

CVE-2002-1038 concerns Double Choco Latte (DCL) prior to 20020706, where upload handling does not properly verify the file uploaded. This allows remote attackers to perform certain operations on arbitrary files via the two features: (1) Projects: Upload File Attachment and (2) Work Orders: Import...

5CVSS6.8AI score0.01539EPSS