Double Choco Latte@2002-02-15 Security Vulnerabilities and Issues — Double Choco Latte@2002-02-15 CVE List

Lucene search

Michael DeanDouble Choco Latte2002-02-15

3 matches found

CVE•added 2003/04/02 5:0 a.m.•40 views

CVE-2002-1039

Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to read arbitrary files via .. (dot dot) sequences when downloading files from the Projects: Attachments feature.

5CVSS6.7AI score0.02414EPSS

CVE•added 2002/10/04 4:0 a.m.•31 views

CVE-2002-1037

Cross-site scripting vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to inject arbitrary HTML, including script, into web pages via the (1) Ticket# Find, (2) Priorities, (3) Severities, (4) Projects, (5) WO# Find, (6) Departments and (7) Users features.

5CVSS6.4AI score0.0065EPSS

CVE•added 2002/10/04 4:0 a.m.•25 views

CVE-2002-1038

Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded, which allows remote attackers to conduct certain operations on arbitrary files via the (1) Projects: Upload File Attachment or (2) Work Orders: Import features.

5CVSS6.8AI score0.00501EPSS