Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2003-1148

    Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allow remote attackers to execute arbitrary PHP code via a URL in the lvc_include_... Read more

    Affected Products : les_visiteurs
    • EPSS Score: %8.38
    • Published: Oct. 25, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-1181

    Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo() function.... Read more

    Affected Products : advanced_poll
    • EPSS Score: %7.54
    • Published: Oct. 25, 2003
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2003-1136

    Cross-site scripting (XSS) vulnerability in Chi Kien Uong Guestbook 1.51 allows remote attackers to inject arbitrary web script or HTML via (1) HTML in a posted message or (2) Javascript in an onmouseover attribute in an e-mail address or URL.... Read more

    Affected Products : chi_kien_uong_guestbook
    • EPSS Score: %1.89
    • Published: Oct. 23, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0724

    ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signatures when digital certificates and RSA keys are used, which could allow local and remote attackers to gain privileges.... Read more

    Affected Products : tru64
    • EPSS Score: %0.30
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0709

    Buffer overflow in the whois client, which is not setuid but is sometimes called from within CGI programs, may allow remote attackers to execute arbitrary code via a long command line option.... Read more

    Affected Products : whois
    • EPSS Score: %2.86
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-0749

    Cross-site scripting (XSS) vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to insert arbitrary web script and steal cookies via the ~service parameter.... Read more

    Affected Products : internet_transaction_server
    • EPSS Score: %5.52
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0732

    CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or delete users pages.... Read more

    • EPSS Score: %0.38
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0751

    SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and earlier allows remote attackers to execute arbitrary SQL queries via the email parameter.... Read more

    Affected Products : py-membres
    • EPSS Score: %0.52
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0702

    Unknown vulnerability in an ISAPI plugin for ISS Server Sensor 7.0 XPU 20.16, 20.18, and possibly other versions before 20.19, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code in Internet Information Server ... Read more

    Affected Products : realsecure_server_sensor
    • EPSS Score: %1.98
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2003-0727

    Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions.... Read more

    Affected Products : database_server
    • EPSS Score: %85.76
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0754

    nphpd.php in newsPHP 216 and earlier allows remote attackers to bypass authentication via an HTTP request with a modified nphp_users array, which is used for authentication.... Read more

    Affected Products : newsphp
    • EPSS Score: %0.40
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0750

    secure.php in PY-Membres 4.2 and earlier allows remote attackers to bypass authentication by setting the adminpy parameter.... Read more

    Affected Products : py-membres
    • EPSS Score: %0.34
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0658

    Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.... Read more

    • EPSS Score: %0.39
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0731

    CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and ... Read more

    • EPSS Score: %0.38
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0756

    Directory traversal vulnerability in sitebuilder.cgi in SiteBuilder 1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the selectedpage parameter.... Read more

    Affected Products : sitebuilder
    • EPSS Score: %0.39
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0707

    Buffer overflow in LinuxNode (node) before 0.3.2 allows remote attackers to execute arbitrary code.... Read more

    Affected Products : linuxnode
    • EPSS Score: %2.04
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2003-0736

    Multiple cross-site scripting (XSS) vulnerabilities in phpWebSite 0.9.x and earlier allow remote attackers to execute arbitrary web script via (1) the day parameter in the calendar module, (2) the fatcat_id parameter in the fatcat module, (3) the PAGE_id ... Read more

    Affected Products : phpwebsite
    • EPSS Score: %1.11
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2003-0737

    The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library.... Read more

    Affected Products : phpwebsite
    • EPSS Score: %0.44
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2003-0708

    Format string vulnerability in LinuxNode (node) before 0.3.2 may allow attackers to cause a denial of service or execute arbitrary code.... Read more

    Affected Products : linuxnode
    • EPSS Score: %0.91
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2003-0734

    Unknown vulnerability in the pam_filter mechanism in pam_ldap before version 162, when LDAP based authentication is being used, allows users to bypass host-based access restrictions and log onto the system.... Read more

    Affected Products : pam_ldap
    • EPSS Score: %0.42
    • Published: Oct. 20, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 291274 Results