Vulnerabilities > Planerd NET
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-03-06 | CVE-2006-7114 | Permissions, Privileges, and Access Controls vulnerability in Planerd.Net P-News P-News 2.0 stores db/user.txt under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and password hashes via a direct request. | 5.0 |
2007-03-06 | CVE-2006-7113 | Improper Input Validation vulnerability in Planerd.Net P-News Unrestricted file upload vulnerability in P-News 2.0 allows remote attackers to upload and execute arbitrary files via an avatar file. | 7.5 |