|
266641
|
- |
|
amxmod.net
|
amx_mod
|
Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life Server, allows remote attackers to execute arbitrary commands via format string specifiers in the amx_say…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2003-1381
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266642
|
- |
|
instantservers_inc.
|
ismail
|
Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2003-1382
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266643
|
- |
|
logicworks
|
web_erp
|
WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2003-1383
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266644
|
- |
|
py_software
|
py-livredor
|
Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor 1.0 allows remote attackers to insert arbitrary web script or HTML via the (1) titre, (2) Votre pseudo, (3) Votre e-mail, or (4) V…
|
CWE-79
Cross-site Scripting
|
CVE-2003-1384
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266645
|
- |
|
invision_power_services
|
invision_power_board
|
ipchat.php in Invision Power Board 1.1.1 allows remote attackers to execute arbitrary PHP code, if register_globals is enabled, by modifying the root_path parameter to reference a URL on a remote web…
|
CWE-94
Code Injection
|
CVE-2003-1385
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266646
|
- |
|
axis
|
2400_video_server
2401_video_server
|
AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the server's /var/log/messages file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2003-1386
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266647
|
- |
|
research_triangle_software
|
cryptobuddy
|
RTS CryptoBuddy 1.2 and earlier truncates long passphrases without warning the user, which may make it easier to conduct certain brute force guessing attacks.
|
CWE-310
Cryptographic Issues
|
CVE-2003-1389
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266648
|
- |
|
research_triangle_software
|
cryptobuddy
|
RTS CryptoBuddy 1.2 and earlier stores bytes 53 through 55 of a 55-byte passphrase in plaintext, which makes it easier for local users to guess the passphrase.
|
CWE-310
Cryptographic Issues
|
CVE-2003-1390
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266649
|
- |
|
research_triangle_software
|
cryptobuddy
|
RTS CryptoBuddy 1.0 and 1.2 uses a weak encryption algorithm for the passphrase and generates predictable keys, which makes it easier for attackers to guess the passphrase.
|
CWE-310
Cryptographic Issues
|
CVE-2003-1391
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266650
|
- |
|
research_triangle_software
microsoft
|
cryptobuddy
all_windows
|
CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data.
|
CWE-310
Cryptographic Issues
|
CVE-2003-1392
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
