Cross-site request forgery (CSRF) vulnerability in lib/logout.php in DFLabs PTK 1.0.5 and earlier allows remote attackers to hijack the authentication of administrators or investigators for requests that trigger a logout.
Max CVSS
6.8
EPSS Score
0.36%
Published
2014-12-28
Updated
2014-12-29
Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image.
Max CVSS
7.5
EPSS Score
2.34%
Published
2009-03-16
Updated
2017-08-17
Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML by providing a forensic image containing HTML documents, which are rendered in web browsers during inspection by PTK. NOTE: the vendor states that the product is intended for use in a laboratory with "no contact from / to internet."
Max CVSS
4.3
EPSS Score
0.33%
Published
2009-03-16
Updated
2017-08-17
3 vulnerabilities found