Vulnerabilities > Planerd NET

DATE CVE VULNERABILITY TITLE RISK
2007-03-06 CVE-2006-7114 Permissions, Privileges, and Access Controls vulnerability in Planerd.Net P-News
P-News 2.0 stores db/user.txt under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and password hashes via a direct request.
network
low complexity
planerd-net CWE-264
5.0
2007-03-06 CVE-2006-7113 Improper Input Validation vulnerability in Planerd.Net P-News
Unrestricted file upload vulnerability in P-News 2.0 allows remote attackers to upload and execute arbitrary files via an avatar file.
network
low complexity
planerd-net CWE-20
7.5