PT-2002-2044 · Double Choco Latte · Double Choco Latte

Published

2002-08-31

Updated

2016-10-18

CVE-2002-1038

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: Double Choco Latte (DCL) versions prior to 20020706

Description: The issue arises from improper verification of file uploads, allowing remote attackers to perform certain operations on arbitrary files. This can be achieved through the Projects: Upload File Attachment or Work Orders: Import features.

Recommendations: For versions prior to 20020706, update to a version that includes the fix for this issue to prevent remote attackers from conducting operations on arbitrary files.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1038

Affected Products

Double Choco Latte

PT-2002-2044 · Double Choco Latte · Double Choco Latte

CVE-2002-1038

Related Identifiers

Affected Products

References · 5