Vulnerabilities > Michael Dean > Double Choco Latte > 2002.01.20
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-10-04 | CVE-2002-1039 | Directory Traversal vulnerability in Michael Dean Double Choco Latte 20020120/20020215 Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to read arbitrary files via .. | 5.0 |
2002-10-04 | CVE-2002-1038 | Remote Security vulnerability in Michael Dean Double Choco Latte 20020120/20020215 Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded, which allows remote attackers to conduct certain operations on arbitrary files via the (1) Projects: Upload File Attachment or (2) Work Orders: Import features. | 5.0 |
2002-10-04 | CVE-2002-1037 | HTML Injection vulnerability in Michael Dean Double Choco Latte 20020120/20020215 Cross-site scripting vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to inject arbitrary HTML, including script, into web pages via the (1) Ticket# Find, (2) Priorities, (3) Severities, (4) Projects, (5) WO# Find, (6) Departments and (7) Users features. | 5.0 |