Latest CVE Feed
-
7.5
HIGHCVE-2002-1459
Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is off, allows remote attackers to insert arbitrary script or HTML via message fields including (1) From, (2) E-Mail, and (3) Subject.... Read more
Affected Products : l-forum- EPSS Score: %1.08
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0240
The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).... Read more
- EPSS Score: %22.36
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
6.8
MEDIUMCVE-2003-0223
Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to embed a URL containing script in a redirection message.... Read more
- EPSS Score: %12.60
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0360
Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.... Read more
Affected Products : debian_linux- EPSS Score: %0.92
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-1564
Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cookie that contains script which is executed when a page is loaded, aka the "Script within Cookies Reading Cookies" vulnerability.... Read more
Affected Products : internet_explorer- EPSS Score: %15.86
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0361
gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp.... Read more
Affected Products : debian_linux- EPSS Score: %0.64
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0320
header.php in ttCMS 2.3 and earlier allows remote attackers to inject arbitrary PHP code by setting the ttcms_user_admin parameter to "1" and modifying the admin_root parameter to point to a URL that contains a Trojan horse header.inc.php script.... Read more
Affected Products : ttcms- EPSS Score: %3.22
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-0329
CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges.... Read more
Affected Products : cesarftp- EPSS Score: %0.14
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0303
SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter.... Read more
Affected Products : oneorzero_helpdesk- EPSS Score: %0.33
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-0325
Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code via a long -server command line argument.... Read more
Affected Products : maelstrom- EPSS Score: %0.16
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-0194
tcpdump does not properly drop privileges to the pcap user when starting up.... Read more
- EPSS Score: %0.07
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0306
Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter.... Read more
Affected Products : windows_xp- EPSS Score: %2.48
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0331
SQL injection vulnerability in ttForum allows remote attackers to execute arbitrary SQL and gain ttForum Administrator privileges via the Ignorelist-Textfield argument in the Preferences page.... Read more
Affected Products : ttforum- EPSS Score: %0.64
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0321
Multiple buffer overflows in BitchX IRC client 1.0-0c19 and earlier allow remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long hostnames, nicknames, or channel names, which are not properly handled... Read more
Affected Products : bitchx- EPSS Score: %1.22
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2003-0318
Cross-site scripting (XSS) vulnerability in the Statistics module for PHP-Nuke 6.0 and earlier allows remote attackers to insert arbitrary web script via the year parameter.... Read more
Affected Products : php-nuke- EPSS Score: %0.02
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0305
The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), allows remote attackers to cause a denial of service (crash) via malformed RTR packets to port 1967.... Read more
Affected Products : ios- EPSS Score: %0.66
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0225
The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumpti... Read more
- EPSS Score: %29.22
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0362
Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in rgpsp via long command lines.... Read more
Affected Products : debian_linux- EPSS Score: %0.45
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
7.6
HIGHCVE-2003-0332
The ISAPI extension in BadBlue 1.7 through 2.2, and possibly earlier versions, modifies the first two letters of a filename extension after performing a security check, which allows remote attackers to bypass authentication via a filename with a .ats exte... Read more
Affected Products : badblue- EPSS Score: %1.98
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0224
Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overr... Read more
- EPSS Score: %15.45
- Published: Jun. 09, 2003
- Modified: Apr. 03, 2025