Latest CVE Feed
-
4.3
MEDIUMCVE-2003-1088
Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.4 and 3.5 allows remote attackers to inject arbitrary web script or HTML via the method parameter.... Read more
Affected Products : zorum- EPSS Score: %0.53
- Published: Aug. 11, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0498
Caché Database 5.x installs the /cachesys/csp directory with insecure permissions, which allows local users to execute arbitrary code by adding server-side scripts that are executed with root privileges.... Read more
Affected Products : cache_database- EPSS Score: %0.14
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0491
The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote attackers to execute arbitrary code by uploading a PHP file without a MIME image type, then directly accessing the uploaded file.... Read more
Affected Products : tutorials- EPSS Score: %1.62
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0497
Caché Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows local users to gain privileges by modifying cache and executing it via cuxs.... Read more
Affected Products : cache_database- EPSS Score: %0.11
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
6.8
MEDIUMCVE-2003-0484
Cross-site scripting (XSS) vulnerability in viewtopic.php for phpBB allows remote attackers to insert arbitrary web script via the topic_id parameter.... Read more
Affected Products : phpbb- EPSS Score: %0.87
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0475
Directory traversal vulnerability in iWeb Server 2 allows remote attackers to read arbitrary files via an HTTP request containing URL-encoded .. sequences ("%5c%2e%2e"), a different vulnerability than CVE-2003-0474.... Read more
Affected Products : iweb_server- EPSS Score: %1.26
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0472
The IPv6 capability in IRIX 6.5.19 allows remote attackers to cause a denial of service (hang) in inetd via port scanning.... Read more
Affected Products : irix- EPSS Score: %0.93
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0482
TUTOS 1.1 allows remote attackers to execute arbitrary code by uploading the code using file_new.php, then directly accessing the uploaded code via a request to the repository containing the code.... Read more
Affected Products : tutos- EPSS Score: %4.84
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
3.7
LOWCVE-2003-0480
VMware Workstation 4.0 for Linux allows local users to overwrite arbitrary files and gain privileges via "symlink manipulation."... Read more
Affected Products : workstation- EPSS Score: %0.04
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0474
Directory traversal vulnerability in iWeb Server allows remote attackers to read arbitrary files via an HTTP request containing .. sequences, a different vulnerability than CVE-2003-0475.... Read more
Affected Products : iweb_server- EPSS Score: %1.26
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0487
Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a long showuser parameter in the do_subscribe module, (2) a long folder parameter in the add_acl ... Read more
Affected Products : kerio_mailserver- EPSS Score: %9.79
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0471
Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument.... Read more
Affected Products : webadmin- EPSS Score: %71.83
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-0452
Buffer overflows in osh before 1.7-11 allow local users to execute arbitrary code and bypass shell restrictions via (1) long environment variables or (2) long "file redirections."... Read more
Affected Products : osh- EPSS Score: %0.09
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0509
SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier allows remote attackers to steal authentication information and gain privileges via the ProductCode parameter in (1) 10expand.asp, (2) 10browse.asp, and (3) 20review.asp.... Read more
Affected Products : eshop- EPSS Score: %5.79
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0489
tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute.... Read more
Affected Products : tcptraceroute- EPSS Score: %0.05
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0494
password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to password.asp with a modified member id.... Read more
Affected Products : snitz_forums_2000- EPSS Score: %0.93
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0454
Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable.... Read more
Affected Products : xgalaga- EPSS Score: %1.30
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0470
Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings.... Read more
Affected Products : security_check- EPSS Score: %17.66
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0510
Format string vulnerability in ezbounce 1.0 through 1.50 allows remote attackers to execute arbitrary code via the "sessions" command.... Read more
Affected Products : ezbounce- EPSS Score: %5.02
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0507
Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) "AND," (2) "OR," a... Read more
Affected Products : windows_2000- EPSS Score: %31.20
- Published: Aug. 07, 2003
- Modified: Apr. 03, 2025