Search CVE reports
1 – 4 of 4 results
CVE-2008-5858
Medium priorityMultiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree before 3.5.4a allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-4281.
1 affected package
knowledgetree
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| knowledgetree | — | — | — | — | — |
CVE-2008-5857
Medium priorityThe DropDocuments plugin in KnowledgeTree before 3.5.4a allows remote authenticated users to gain administrative privileges via a certain sequence of "browse documents" and dashboard requests.
1 affected package
knowledgetree
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| knowledgetree | — | — | — | — | — |
CVE-2007-2849
Unknown priorityKnowledgeTree Document Management (aka KnowledgeTree Open Source) before STABLE 3.3.7 does not require a password for an unregistered user, when the user exists in Active Directory, which allows remote attackers to log onto KTDMS...
1 affected package
knowledgetree
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| knowledgetree | — | — | — | — | — |
CVE-2006-2443
Unknown priorityThe Debian package of knowledgetree 2.0.7 creates environment.php with world-readable permissions, which allows local users to obtain sensitive information such as the username and password for the KnowledgeTree database.
1 affected package
knowledgetree
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| knowledgetree | — | — | — | — | — |