Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0585 | 1 Brooky | 1 Estore | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp of Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to bypass authentication and execute arbitrary SQL code via the (1) user or (2) pass parameters. | |||||
| CVE-2003-0597 | 1 Sco | 1 Openserver | 2016-10-17 | 7.2 HIGH | N/A |
| Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges. | |||||
| CVE-2003-0581 | 1 Xfstt | 1 Xfstt | 2016-10-17 | 7.5 HIGH | N/A |
| X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a (1) FS_QueryXExtents8 or (2) FS_QueryXBitmaps8 packet, and possibly other types of packets, with a large num_ranges value, which causes an out-of-bounds array access. | |||||
| CVE-2003-0559 | 1 Phpforum | 1 Phpforum | 2016-10-17 | 7.5 HIGH | N/A |
| mainfile.php in phpforum 2 RC-1, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by modifying the MAIN_PATH parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2003-0590 | 1 Splatt | 1 Splatt Forum | 2016-10-17 | 7.1 HIGH | N/A |
| Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote attackers to insert arbitrary HTML and web script via the post icon (image_subject) field. | |||||
| CVE-2003-0557 | 1 Lagarde | 1 Storefront | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field. | |||||
| CVE-2003-0589 | 1 Digi-fx | 1 Digi-news | 2016-10-17 | 10.0 HIGH | N/A |
| admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password. | |||||
| CVE-2003-0588 | 1 Digi-fx | 1 Digi-news | 2016-10-17 | 10.0 HIGH | N/A |
| admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password. | |||||
| CVE-2003-0520 | 1 Cerulean Studios | 1 Trillian | 2016-10-17 | 5.0 MEDIUM | N/A |
| Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the "TypingUser" string has been modified. | |||||
| CVE-2003-0478 | 5 Andromede, Bahamut, Daniel Moss and 2 more | 5 Adromedeircd, Ircd, Methane and 2 more | 2016-10-17 | 10.0 HIGH | N/A |
| Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, and other IRC daemons based on Bahamut including (2) digatech 1.2.1, (3) methane 0.1.1, (4) AndromedeIRCd 1.2.3-Release, and (5) ircd-RU, when running in debug mode, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request containing format strings. | |||||
| CVE-2003-0480 | 1 Vmware | 1 Workstation | 2016-10-17 | 3.7 LOW | N/A |
| VMware Workstation 4.0 for Linux allows local users to overwrite arbitrary files and gain privileges via "symlink manipulation." | |||||
| CVE-2003-0490 | 1 Dantz | 1 Retrospect Client | 2016-10-17 | 7.2 HIGH | N/A |
| The installation of Dantz Retrospect Client 5.0.540 on MacOS X 10.2.6, and possibly other versions, creates critical directories and files with world-writable permissions, which allows local users to gain privileges as other users by replacing programs with malicious code. | |||||
| CVE-2003-0485 | 1 Progress | 1 4gl Compiler | 2016-10-17 | 4.6 MEDIUM | N/A |
| Buffer overflow in Progress 4GL Compiler 9.1D06 and earlier allows attackers to execute arbitrary code via source code containing a long, invalid data type. | |||||
| CVE-2003-0484 | 1 Phpbb Group | 1 Phpbb | 2016-10-17 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in viewtopic.php for phpBB allows remote attackers to insert arbitrary web script via the topic_id parameter. | |||||
| CVE-2003-0493 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2016-10-17 | 10.0 HIGH | N/A |
| Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID. | |||||
| CVE-2003-0455 | 1 Imagemagick | 1 Libmagick Library | 2016-10-17 | 4.6 MEDIUM | N/A |
| The imagemagick libmagick library 5.5 and earlier creates temporary files insecurely, which allows local users to create or overwrite arbitrary files. | |||||
| CVE-2003-0467 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, when CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC is enabled, or the ip_nat_ftp or ip_nat_irc modules are loaded, allows remote attackers to cause a denial of service (crash) in systems using NAT, possibly due to an integer signedness error. | |||||
| CVE-2003-0505 | 1 Microsoft | 1 Netmeeting | 2016-10-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to read arbitrary files via "..\.." (dot dot) sequences in a file transfer request. | |||||
| CVE-2003-0482 | 1 Gero Kohnert | 1 Tutos | 2016-10-17 | 7.5 HIGH | N/A |
| TUTOS 1.1 allows remote attackers to execute arbitrary code by uploading the code using file_new.php, then directly accessing the uploaded code via a request to the repository containing the code. | |||||
| CVE-2003-0504 | 1 Phpgroupware | 1 Phpgroupware | 2016-10-17 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware 0.9.14.003 (aka webdistro) allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to index.php in the addressbook module. | |||||