Total
274566 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0284 | 1 Adobe | 1 Acrobat | 2024-11-20 | N/A |
| Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus. | ||||
| CVE-2003-0283 | 1 Phorum | 1 Phorum | 2024-11-20 | N/A |
| Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail. | ||||
| CVE-2003-0282 | 3 Info-zip, Redhat, Sco | 5 Unzip, Enterprise Linux, Linux and 2 more | 2024-11-20 | N/A |
| Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence. | ||||
| CVE-2003-0281 | 1 Firebirdsql | 1 Firebird | 2024-11-20 | N/A |
| Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_inet_server, (2) gds_lock_mgr, or (3) gds_drop. | ||||
| CVE-2003-0280 | 1 Youngzsoft | 1 Cmailserver | 2024-11-20 | N/A |
| Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands. | ||||
| CVE-2003-0279 | 1 Francisco Burzi | 1 Php-nuke | 2024-11-20 | N/A |
| Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 5.x through 6.5 allows remote attackers to steal sensitive information via numeric fields, as demonstrated using (1) the viewlink function and cid parameter, or (2) index.php. | ||||
| CVE-2003-0278 | 1 Happycgi.com | 1 Happymall | 2024-11-20 | N/A |
| Cross-site scripting (XSS) vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to insert arbitrary web script via the file parameter. | ||||
| CVE-2003-0277 | 1 Happycgi | 1 Happymall | 2024-11-20 | N/A |
| Directory traversal vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the file parameter. | ||||
| CVE-2003-0276 | 1 Pi3 | 1 Pi3web | 2024-11-20 | N/A |
| Buffer overflow in Pi3Web 2.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GET request with a large number of / characters. | ||||
| CVE-2003-0275 | 1 Yabb | 1 Yabb | 2024-11-20 | N/A |
| SSI.php in YaBB SE 1.5.2 allows remote attackers to execute arbitrary PHP code by modifying the sourcedir parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2003-0274 | 1 Cren | 1 Listproc | 2024-11-20 | N/A |
| Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value. | ||||
| CVE-2003-0273 | 1 Best Practical Solutions | 1 Request Tracker | 2024-11-20 | N/A |
| Cross-site scripting (XSS) vulnerability in the web interface for Request Tracker (RT) 1.0 through 1.0.7 allows remote attackers to execute script via message bodies. | ||||
| CVE-2003-0272 | 1 Miniportal | 1 Miniportal | 2024-11-20 | N/A |
| admin.php in miniPortail allows remote attackers to gain administrative privileges by setting the miniPortailAdmin cookie to an "adminok" value. | ||||
| CVE-2003-0271 | 1 Cooolsoft | 1 Personal Ftp Server | 2024-11-20 | N/A |
| Buffer overflow in Personal FTP Server allows remote attackers to execute arbitrary code via a long USER argument. | ||||
| CVE-2003-0270 | 1 Apple | 1 802.11n | 2024-11-20 | N/A |
| The administration capability for Apple AirPort 802.11 wireless access point devices uses weak encryption (XOR with a fixed key) for protecting authentication credentials, which could allow remote attackers to obtain administrative access via sniffing when the capability is available via Ethernet or non-WEP connections. | ||||
| CVE-2003-0269 | 1 Youbin | 1 Youbin | 2024-11-20 | N/A |
| Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable. | ||||
| CVE-2003-0268 | 1 Bvrp Software | 1 Slwebmail | 2024-11-20 | N/A |
| SLWebMail 3 on Windows systems allows remote attackers to identify the full path of the server via invalid requests to DLLs such as WebMailReq.dll, which reveals the path in an error message. | ||||
| CVE-2003-0267 | 1 Bvrp Software | 1 Slwebmail | 2024-11-20 | N/A |
| ShowGodLog.dll in SLWebMail 3 on Windows systems allows remote attackers to read arbitrary files by directly calling ShowGodLog.dll with an argument specifying the full path of the target file. | ||||
| CVE-2003-0266 | 1 Bvrp Software | 1 Slwebmail | 2024-11-20 | N/A |
| Multiple buffer overflows in SLWebMail 3 on Windows systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long Language parameter to showlogin.dll, (2) a long CompanyID parameter to recman.dll, (3) a long CompanyID parameter to admin.dll, or (4) a long CompanyID parameter to globallogin.dll. | ||||
| CVE-2003-0265 | 1 Sap | 1 Sap Db | 2024-11-20 | N/A |
| Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed. | ||||