CVE-2002-1038
published 2002-10-04CVE-2002-1038: Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded, which allows remote attackers to conduct certain operations on…
PriorityP420medium5CVSS 2.0
AVNACLAuNCNIPAN
EPSS
1.54%
71.8th percentile
Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded, which allows remote attackers to conduct certain operations on arbitrary files via the (1) Projects: Upload File Attachment or (2) Work Orders: Import features.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | dcl | — | — |
| michael_dean | double_choco_latte | — | — |
| michael_dean | double_choco_latte | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
vendor_debian5.0LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2002-1038: dcl - Double Choco Latte (DCL) before 20020706 does not properly verify if a file was ...
vendor_debian·2002·CVSS 5.0
CVE-2002-1038 [MEDIUM] CVE-2002-1038: dcl - Double Choco Latte (DCL) before 20020706 does not properly verify if a file was ...
Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded, which allows remote attackers to conduct certain operations on arbitrary files via the (1) Projects: Upload File Attachment or (2) Work Orders: Import features.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
GHSA
GHSA-vpxr-gggm-p35f: Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded, which allows remote attackers to conduct certain operations
ghsa_unreviewed·2022-04-30
CVE-2002-1038 [MEDIUM] GHSA-vpxr-gggm-p35f: Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded, which allows remote attackers to conduct certain operations
Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded, which allows remote attackers to conduct certain operations on arbitrary files via the (1) Projects: Upload File Attachment or (2) Work Orders: Import features.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0022.htmlhttp://dcl.sourceforge.net/index.phphttp://marc.info/?l=bugtraq&m=102668783632589&w=2http://www.iss.net/security_center/static/9742.phphttp://archives.neohapsis.com/archives/vulnwatch/2002-q3/0022.htmlhttp://dcl.sourceforge.net/index.phphttp://marc.info/?l=bugtraq&m=102668783632589&w=2http://www.iss.net/security_center/static/9742.php
2002-10-04
Published