Vulnerabilities > Viewvc > Viewvc > 1.0.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-03-24 | CVE-2008-1291 | Information Exposure vulnerability in Viewvc 1.0.2/1.0.3 ViewVC before 1.0.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read files and list folders under the hidden CVSROOT folder. | 4.3 |
2008-03-24 | CVE-2008-1290 | Information Exposure vulnerability in Viewvc 1.0.2/1.0.3 ViewVC before 1.0.5 includes "all-forbidden" files within search results that list CVS or Subversion (SVN) commits, which allows remote attackers to obtain sensitive information. | 4.3 |