Packetfence : Security Vulnerabilities, CVEs, CVSS score >= 7
The web_node_register function in web.pm in PacketFence before 3.0.2 might allow remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.62%
Published
2012-08-31
Updated
2012-09-03
html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to conduct LDAP injection attacks and consequently bypass authentication via a crafted username.
Max CVSS
9.8
EPSS Score
0.24%
Published
2018-02-01
Updated
2018-02-21
The check_password function in html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to bypass authentication via an empty password.
Max CVSS
9.8
EPSS Score
0.37%
Published
2018-02-01
Updated
2018-02-21
3 vulnerabilities found