245451
|
7.5 |
HIGH
|
lagarde
|
storefront
|
SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field.
|
NVD-CWE-Other
|
CVE-2003-0557
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245452
|
7.5 |
HIGH
|
lagarde
|
storefront
|
This issue was addressed in a hot fix for StoreFront 6.1 in late January 2004.
|
NVD-CWE-Other
|
CVE-2003-0557
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245453
|
7.5 |
HIGH
|
leapware
|
leapftp
|
Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request.
|
NVD-CWE-Other
|
CVE-2003-0558
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245454
|
7.5 |
HIGH
|
phpforum
|
phpforum
|
mainfile.php in phpforum 2 RC-1, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by modifying the MAIN_PATH parameter to reference a URL on a remote web server th…
|
NVD-CWE-Other
|
CVE-2003-0559
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245455
|
10.0 |
HIGH
|
virtual_programming
|
vp-asp
|
SQL injection vulnerability in shopexd.asp for VP-ASP allows remote attackers to gain administrator privileges via the id parameter.
|
NVD-CWE-Other
|
CVE-2003-0560
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245456
|
7.5 |
HIGH
|
iglooftp
|
iglooftp_pro
|
Multiple buffer overflows in IglooFTP PRO 3.8 allow remote FTP servers to execute arbitrary code via (1) a long FTP banner, or long responses to the client commands (2) USER, (3) PASS, (4) ACCT, and …
|
NVD-CWE-Other
|
CVE-2003-0561
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245457
|
5.0 |
MEDIUM
|
novell
|
netware
|
Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of service (ABEND) via a long input string.
|
NVD-CWE-Other
|
CVE-2003-0562
|
2016-10-18 11:35 |
2003-08-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245458
|
4.6 |
MEDIUM
|
ibm
|
u2_universe
|
uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier trusts the user-supplied -uv.install command line option to find and execute the uv.install program, which allows local users to gain privileges by pro…
|
NVD-CWE-Other
|
CVE-2003-0579
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245459
|
7.2 |
HIGH
|
ibm
|
u2_universe
|
Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier allows the uvadm user to execute arbitrary code via a long -uv.install command line argument.
|
NVD-CWE-Other
|
CVE-2003-0580
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245460
|
7.5 |
HIGH
|
xfstt
|
xfstt
|
X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a (1) FS_QueryXExtents8 or (2) FS_QueryXBitmaps8 packet, and p…
|
NVD-CWE-Other
|
CVE-2003-0581
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245461
|
7.2 |
HIGH
|
tolis_group
|
bru
|
Buffer overflow in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via a long command line argument.
|
NVD-CWE-Other
|
CVE-2003-0583
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245462
|
7.2 |
HIGH
|
tolis_group
|
bru
|
Format string vulnerability in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via format string specifiers in a command …
|
NVD-CWE-Other
|
CVE-2003-0584
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245463
|
7.5 |
HIGH
|
brooky
|
estore
|
SQL injection vulnerability in login.asp of Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to bypass authentication and execute arbitrary SQL code via the (1) user or (2) pass parameters.
|
NVD-CWE-Other
|
CVE-2003-0585
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245464
|
7.5 |
HIGH
|
brooky
|
estore
|
Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to obtain sensitive path information via a direct HTTP request to settings.inc.php.
|
NVD-CWE-Other
|
CVE-2003-0586
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245465
|
6.9 |
MEDIUM
|
infopop
|
ultimate_bulletin_board
|
Cross-site scripting (XSS) vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.x allows remote authenticated users to execute arbitrary web script and gain administrative access via the "display…
|
NVD-CWE-Other
|
CVE-2003-0587
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245466
|
10.0 |
HIGH
|
digi-fx
|
digi-news
|
admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php tha…
|
NVD-CWE-Other
|
CVE-2003-0588
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245467
|
10.0 |
HIGH
|
digi-fx
|
digi-news
|
admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that…
|
NVD-CWE-Other
|
CVE-2003-0589
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245468
|
7.1 |
HIGH
|
splatt
|
splatt_forum
|
Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote attackers to insert arbitrary HTML and web script via the post icon (image_subject) field.
|
NVD-CWE-Other
|
CVE-2003-0590
|
2016-10-18 11:35 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245469
|
7.2 |
HIGH
|
sco
|
openserver
|
Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges.
|
NVD-CWE-Other
|
CVE-2003-0597
|
2016-10-18 11:35 |
2003-08-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245470
|
4.6 |
MEDIUM
|
hugo_rabson
|
mindi
|
mindi 0.58 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
|
NVD-CWE-Other
|
CVE-2003-0617
|
2016-10-18 11:35 |
2003-08-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245471
|
4.6 |
MEDIUM
|
andries_brouwer
|
man
|
Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in…
|
NVD-CWE-Other
|
CVE-2003-0620
|
2016-10-18 11:35 |
2003-08-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245472
|
10.0 |
HIGH
|
ehud_gavron
|
traceroute-nanog
|
traceroute-nanog 6.1.1 allows local users to overwrite unauthorized memory and possibly execute arbitrary code via certain "nprobes" and "max_ttl" arguments that cause an integer overflow that is use…
|
NVD-CWE-Other
|
CVE-2003-0453
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245473
|
4.6 |
MEDIUM
|
imagemagick
|
libmagick_library
|
The imagemagick libmagick library 5.5 and earlier creates temporary files insecurely, which allows local users to create or overwrite arbitrary files.
|
NVD-CWE-Other
|
CVE-2003-0455
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245474
|
5.0 |
MEDIUM
|
linux
|
linux_kernel
|
Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, when CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC is enabled, or the ip_nat_ftp or ip_nat_irc modules…
|
NVD-CWE-Other
|
CVE-2003-0467
|
2016-10-18 11:34 |
2003-08-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245475
|
7.5 |
HIGH
|
alt-n
|
webadmin
|
Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument.
|
NVD-CWE-Other
|
CVE-2003-0471
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245476
|
5.0 |
MEDIUM
|
ashley_brown
|
iweb_server
|
Directory traversal vulnerability in iWeb Server allows remote attackers to read arbitrary files via an HTTP request containing .. sequences, a different vulnerability than CVE-2003-0475.
|
NVD-CWE-Other
|
CVE-2003-0474
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245477
|
5.0 |
MEDIUM
|
ashley_brown
|
iweb_server
|
Directory traversal vulnerability in iWeb Server 2 allows remote attackers to read arbitrary files via an HTTP request containing URL-encoded .. sequences ("%5c%2e%2e"), a different vulnerability tha…
|
NVD-CWE-Other
|
CVE-2003-0475
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245478
|
5.0 |
MEDIUM
|
wzdftpd
|
wzdftpd
|
wzdftpd 0.1rc4 and earlier allows remote attackers to cause a denial of service (crash) via a PORT command without an argument.
|
NVD-CWE-Other
|
CVE-2003-0477
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245479
|
10.0 |
HIGH
|
andromede daniel_moss hans_westerhof wenet bahamut
|
adromedeircd methane digatech ircd-ru ircd
|
Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, and other IRC daemons based on Bahamut including (2) digatech 1.2.1, (3) methane 0.1.1, (4) AndromedeIRCd 1.2.3-Release, and (5) ir…
|
NVD-CWE-Other
|
CVE-2003-0478
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245480
|
4.3 |
MEDIUM
|
affordable_web_space_design
|
affordable_web_space_design_webbbs
|
Cross-site scripting (XSS) vulnerability in the guestbook for WebBBS allows remote attackers to insert arbitrary web script via the (1) Name, (2) Email, or (3) Message fields.
|
NVD-CWE-Other
|
CVE-2003-0479
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245481
|
3.7 |
LOW
|
vmware
|
workstation
|
VMware Workstation 4.0 for Linux allows local users to overwrite arbitrary files and gain privileges via "symlink manipulation."
|
NVD-CWE-Other
|
CVE-2003-0480
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245482
|
4.3 |
MEDIUM
|
gero_kohnert
|
tutos
|
Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow remote attackers to insert arbitrary web script, as demonstrated using the msg parameter to file_select.php.
|
NVD-CWE-Other
|
CVE-2003-0481
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245483
|
7.5 |
HIGH
|
gero_kohnert
|
tutos
|
TUTOS 1.1 allows remote attackers to execute arbitrary code by uploading the code using file_new.php, then directly accessing the uploaded code via a request to the repository containing the code.
|
NVD-CWE-Other
|
CVE-2003-0482
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245484
|
6.8 |
MEDIUM
|
phpbb_group
|
phpbb
|
Cross-site scripting (XSS) vulnerability in viewtopic.php for phpBB allows remote attackers to insert arbitrary web script via the topic_id parameter.
|
NVD-CWE-Other
|
CVE-2003-0484
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245485
|
4.6 |
MEDIUM
|
progress
|
4gl_compiler
|
Buffer overflow in Progress 4GL Compiler 9.1D06 and earlier allows attackers to execute arbitrary code via source code containing a long, invalid data type.
|
NVD-CWE-Other
|
CVE-2003-0485
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245486
|
7.2 |
HIGH
|
dantz
|
retrospect_client
|
The installation of Dantz Retrospect Client 5.0.540 on MacOS X 10.2.6, and possibly other versions, creates critical directories and files with world-writable permissions, which allows local users to…
|
NVD-CWE-Other
|
CVE-2003-0490
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245487
|
7.5 |
HIGH
|
mytutorials
|
tutorials
|
The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote attackers to execute arbitrary code by uploading a PHP file without a MIME image type, then directly accessing the uploaded file.
|
NVD-CWE-Other
|
CVE-2003-0491
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245488
|
10.0 |
HIGH
|
snitz_communications
|
snitz_forums_2000
|
Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID.
|
NVD-CWE-Other
|
CVE-2003-0493
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245489
|
7.5 |
HIGH
|
microsoft
|
windows_2000
|
Buffer overflow in the ShellExecute API function of SHELL32.DLL in Windows 2000 before SP4 may allow attackers to cause a denial of service or execute arbitrary code via a long third argument.
|
NVD-CWE-Other
|
CVE-2003-0503
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245490
|
4.3 |
MEDIUM
|
phpgroupware
|
phpgroupware
|
Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware 0.9.14.003 (aka webdistro) allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to index.p…
|
NVD-CWE-Other
|
CVE-2003-0504
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245491
|
5.0 |
MEDIUM
|
microsoft
|
netmeeting
|
Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to read arbitrary files via "..\.." (dot dot) sequences in a file transfer request.
|
NVD-CWE-Other
|
CVE-2003-0505
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245492
|
5.0 |
MEDIUM
|
microsoft
|
netmeeting
|
Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to cause a denial of service (shutdown of NetMeeting conference) via malformed packets, as demonstrated via the chat conversation.
|
NVD-CWE-Other
|
CVE-2003-0506
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245493
|
7.5 |
HIGH
|
microsoft
|
windows_2000
|
Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 sear…
|
NVD-CWE-Other
|
CVE-2003-0507
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245494
|
7.5 |
HIGH
|
adobe
|
acrobat_reader
|
Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link.
|
NVD-CWE-Other
|
CVE-2003-0508
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245495
|
7.5 |
HIGH
|
ezbounce
|
ezbounce
|
Format string vulnerability in ezbounce 1.0 through 1.50 allows remote attackers to execute arbitrary code via the "sessions" command.
|
NVD-CWE-Other
|
CVE-2003-0510
|
2016-10-18 11:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245496
|
5.0 |
MEDIUM
|
cerulean_studios
|
trillian
|
Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the "TypingUser" string has been modified.
|
NVD-CWE-Other
|
CVE-2003-0520
|
2016-10-18 11:34 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245497
|
6.8 |
MEDIUM
|
cpanel
|
cpanel
|
Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote attackers to insert arbitrary HTML and possibly gain cPanel administrator privileges via script in a URL that is logged but not …
|
NVD-CWE-Other
|
CVE-2003-0521
|
2016-10-18 11:34 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245498
|
6.8 |
MEDIUM
|
cpanel
|
cpanel
|
This vulnerability is addressed in the following product release:
cPanel, cPanel, 7.0
|
NVD-CWE-Other
|
CVE-2003-0521
|
2016-10-18 11:34 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245499
|
10.0 |
HIGH
|
early_impact
|
productcart
|
Multiple SQL injection vulnerabilities in ProductCart 1.5 through 2 allow remote attackers to (1) gain access to the admin control panel via the idadmin parameter to login.asp or (2) gain other privi…
|
NVD-CWE-Other
|
CVE-2003-0522
|
2016-10-18 11:34 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
245500
|
6.8 |
MEDIUM
|
early_impact
|
productcart
|
Cross-site scripting (XSS) vulnerability in msg.asp for certain versions of ProductCart allow remote attackers to execute arbitrary web script via the message parameter.
|
NVD-CWE-Other
|
CVE-2003-0523
|
2016-10-18 11:34 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|