Dotproject: >> Dotproject >> 0.2.1.5 Security Vulnerabilities
dotProject before 2.1.2 does not properly restrict access to administrative pages, which allows remote attackers to gain privileges. NOTE: some of these details are obtained from third party information.
CVSS Score
6.8
EPSS Score
0.006
Published
2009-04-23
index.php in dotProject 0.2.1.5 allows remote attackers to bypass authentication via a cookie or URL with the user_cookie parameter set to 1.
CVSS Score
10.0
EPSS Score
0.027
Published
2003-04-11