Total
29894 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1154 | 1 Clearswift | 1 Mailsweeper | 2026-04-16 | N/A |
| MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants. | ||||
| CVE-2003-1158 | 1 Plug And Play Software | 1 Plug And Play Web Server | 2026-04-16 | N/A |
| Multiple buffer overflows in the FTP service in Plug and Play Web Server 1.0002c allow remote attackers to cause a denial of service (crash) via long (1) dir, (2) ls, (3) delete, (4) mkdir, (5) DELE, (6) RMD, or (7) MKD commands. | ||||
| CVE-2003-1162 | 1 Tritanium Scripts | 1 Tritanium Bulletin Board | 2026-04-16 | N/A |
| index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to read and reply to arbitrary messages by modifying the thread_id, forum_id, and sid parameters. | ||||
| CVE-2003-1163 | 1 Ganglia | 1 Gmond | 2026-04-16 | N/A |
| hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a denial of service (segmentation fault) via a UDP packet that contains a single-byte name string, which is used as an out-of-bounds array index. | ||||
| CVE-2003-1171 | 1 Mod Security | 1 Mod Security | 2026-04-16 | N/A |
| Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data. | ||||
| CVE-2003-1173 | 1 Centrinity | 1 Centrinity Firstclass | 2026-04-16 | N/A |
| Centrinity FirstClass 7.1 allows remote attackers to access sensitive information by appending search to the end of the URL and checking all of the search option checkboxes and leaving the text field blank, which will return all files in the searched directory. | ||||
| CVE-2003-1179 | 1 Advanced Poll | 1 Advanced Poll | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2.0.2 allow remote attackers to execute arbitrary PHP code via the include_path parameter in (1) booth.php, (2) png.php, (3) poll_ssi.php, or (4) popup.php, the (5) base_path parameter to common.inc.php. | ||||
| CVE-2003-1185 | 1 Thwboard | 1 Thwboard | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in ThWboard before Beta 2.8.2 allow remote attackers to inject arbitrary SQL commands via various vectors including (1) Admin-Center, (2) Announcements, (3) admin/calendar.php, and (4) showevent.php. | ||||
| CVE-2003-1186 | 1 Telcondex | 1 Simplewebserver | 2026-04-16 | N/A |
| Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header. | ||||
| CVE-2003-1187 | 1 Phpkit | 1 Phpkit | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in include.php in PHPKIT 1.6.02 and 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the contact_email parameter. | ||||
| CVE-2003-1189 | 1 Nokia | 1 Ipso | 2026-04-16 | N/A |
| Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, allows remote attackers to cause a denial of service via unknown attack vectors. | ||||
| CVE-2003-1192 | 1 Truenorth Software | 1 Ia Webmail Server | 2026-04-16 | N/A |
| Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request. | ||||
| CVE-2003-1202 | 1 Omail | 1 Omail Webmail | 2026-04-16 | N/A |
| The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) password, (2) domainname, or (3) username. | ||||
| CVE-2003-1204 | 1 Mambo | 1 Mambo Site Server | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.12 BETA and earlier allow remote attackers to execute script on other clients via (1) the link parameter in sectionswindow.php, the directory parameter in (2) gallery.php, (3) navigation.php, or (4) uploadimage.php, the path parameter in (5) view.php, (6) the choice parameter in upload.php, (7) the sitename parameter in mambosimple.php, (8) the type parameter in upload.php, or the id parameter in (9) emailarticle.php, (10) emailfaq.php, or (11) emailnews.php. | ||||
| CVE-2003-1206 | 1 Crob | 1 Crob Ftp Server | 2026-04-16 | N/A |
| Format string vulnerability in Crob FTP Server 2.60.1 allows remote attackers to cause a denial of service (crash) via "%s" or "%n" sequences in (1) the username during login, or other FTP commands such as (2) dir. | ||||
| CVE-2003-1210 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 5.x through 6.5 allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to the getit function or the (2) min parameter to the search function. | ||||
| CVE-2003-1234 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop. | ||||
| CVE-2003-1239 | 1 Wihphoto | 1 Wihphoto | 2026-04-16 | N/A |
| Directory traversal vulnerability in sendphoto.php in WihPhoto 0.86 allows remote attackers to read arbitrary files via .. specifiers in the album parameter, and the target filename in the pic parameter. | ||||
| CVE-2003-1243 | 1 Sage | 1 Sage | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in Sage 1.0 b3 allows remote attackers to insert arbitrary HTML or web script via the mod parameter. | ||||
| CVE-2003-1245 | 1 Mambo | 1 Mambo Site Server | 2026-04-16 | N/A |
| index2.php in Mambo 4.0.12 allows remote attackers to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie. | ||||