VYPR

Tracking Online

by Teekai

CVEs (2)

  • CVE-2002-2058HigDec 31, 2002
    risk 0.49cvss 7.5epss 0.01

    TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'.

  • CVE-2002-2055Dec 31, 2002
    risk 0.03cvss epss 0.04

    Cross-site scripting (XSS) vulnerability in userlog.php in TeeKai Tracking Online 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.