Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1148 | 1 Les Visiteurs | 1 Les Visiteurs | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allow remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter to (1) config.inc.php or (2) new-visitor.inc.php in common/visiteurs/include/. | |||||
| CVE-2003-1149 | 1 Symantec | 1 Norton Internet Security | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Symantec Norton Internet Security 2003 6.0.4.34 allows remote attackers to inject arbitrary web script or HTML via a URL to a blocked site, which is displayed on the blocked sites error page. | |||||
| CVE-2003-1150 | 1 Novell | 2 Netware, Zenworks Desktops | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. | |||||
| CVE-2003-1151 | 1 Fastream | 1 Netfile Ftp Web Server | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Fastream NETFile Server 6.0.3.588 allows remote attackers to inject arbitrary web script or HTML via the URL, which is displayed on a "404 Not Found" error page. | |||||
| CVE-2003-1152 | 1 Infrontech | 1 Webtide | 2017-07-10 | 5.0 MEDIUM | N/A |
| WebTide 7.04 allows remote attackers to list arbitrary directories via an HTTP request for %3f.jsp (encoded "?"). | |||||
| CVE-2003-1153 | 1 Bytehoard | 1 Bytehoard | 2017-07-10 | 5.0 MEDIUM | N/A |
| byteHoard 0.7 and 0.71 allows remote attackers to list arbitrary files and directories via a direct request to files.inc.php. | |||||
| CVE-2003-1154 | 1 Clearswift | 1 Mailsweeper | 2017-07-10 | 7.5 HIGH | N/A |
| MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants. | |||||
| CVE-2003-1155 | 1 X-cd-roast | 1 X-cd-roast | 2017-07-10 | 4.6 MEDIUM | N/A |
| X-CD-Roast 0.98 alpha10 through alpha14 allows local users to overwrite arbitrary files via a symlink attack on an unknown file. | |||||
| CVE-2003-1156 | 1 Sun | 2 Jdk, Jre | 2017-07-10 | 4.6 MEDIUM | N/A |
| Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program. | |||||
| CVE-2003-1157 | 1 Citrix | 1 Metaframe | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuse_Message parameter. | |||||
| CVE-2003-1158 | 1 Plug And Play Software | 1 Plug And Play Web Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in the FTP service in Plug and Play Web Server 1.0002c allow remote attackers to cause a denial of service (crash) via long (1) dir, (2) ls, (3) delete, (4) mkdir, (5) DELE, (6) RMD, or (7) MKD commands. | |||||
| CVE-2003-1159 | 1 Plug And Play | 1 Plug And Play Web Server Proxy | 2017-07-10 | 5.0 MEDIUM | N/A |
| Plug and Play Web Server Proxy 1.0002c allows remote attackers to cause a denial of service (server crash) via an invalid URI in an HTTP GET request to TCP port 8080. | |||||
| CVE-2003-1160 | 1 Seyeon | 1 Flexwatch Network Video Server | 2017-07-10 | 10.0 HIGH | N/A |
| FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain administrative privileges via an HTTP request to aindex.htm that contains double leading slashes (//). | |||||
| CVE-2003-1162 | 1 Tritanium Scripts | 1 Tritanium Bulletin Board | 2017-07-10 | 5.0 MEDIUM | N/A |
| index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to read and reply to arbitrary messages by modifying the thread_id, forum_id, and sid parameters. | |||||
| CVE-2003-1163 | 1 Ganglia | 1 Gmond | 2017-07-10 | 5.0 MEDIUM | N/A |
| hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a denial of service (segmentation fault) via a UDP packet that contains a single-byte name string, which is used as an out-of-bounds array index. | |||||
| CVE-2003-1164 | 1 Mldonkey | 1 Mldonkey | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Mldonkey 2.5-4 allows remote attackers to inject arbitrary web script or HTML via the URI, which is injected into the HTML error page. | |||||
| CVE-2003-1165 | 1 Brs | 1 Webweaver | 2017-07-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header. | |||||
| CVE-2003-1166 | 1 Http Commander | 1 Http Commander | 2017-07-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote attackers to view arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2003-1167 | 1 Gernot Stocker | 1 Kpopup | 2017-07-10 | 7.2 HIGH | N/A |
| misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program. | |||||
| CVE-2003-1169 | 1 Datev | 1 Nutzungskontrolle | 2017-07-10 | 4.6 MEDIUM | N/A |
| DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle. | |||||