Total
29922 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1186 | 1 Telcondex | 1 Simplewebserver | 2026-04-16 | N/A |
| Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header. | ||||
| CVE-2003-1187 | 1 Phpkit | 1 Phpkit | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in include.php in PHPKIT 1.6.02 and 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the contact_email parameter. | ||||
| CVE-2003-1189 | 1 Nokia | 1 Ipso | 2026-04-16 | N/A |
| Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, allows remote attackers to cause a denial of service via unknown attack vectors. | ||||
| CVE-2003-1192 | 1 Truenorth Software | 1 Ia Webmail Server | 2026-04-16 | N/A |
| Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request. | ||||
| CVE-2003-1202 | 1 Omail | 1 Omail Webmail | 2026-04-16 | N/A |
| The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) password, (2) domainname, or (3) username. | ||||
| CVE-2003-1204 | 1 Mambo | 1 Mambo Site Server | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.12 BETA and earlier allow remote attackers to execute script on other clients via (1) the link parameter in sectionswindow.php, the directory parameter in (2) gallery.php, (3) navigation.php, or (4) uploadimage.php, the path parameter in (5) view.php, (6) the choice parameter in upload.php, (7) the sitename parameter in mambosimple.php, (8) the type parameter in upload.php, or the id parameter in (9) emailarticle.php, (10) emailfaq.php, or (11) emailnews.php. | ||||
| CVE-2003-1206 | 1 Crob | 1 Crob Ftp Server | 2026-04-16 | N/A |
| Format string vulnerability in Crob FTP Server 2.60.1 allows remote attackers to cause a denial of service (crash) via "%s" or "%n" sequences in (1) the username during login, or other FTP commands such as (2) dir. | ||||
| CVE-2003-1210 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 5.x through 6.5 allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to the getit function or the (2) min parameter to the search function. | ||||
| CVE-2003-1234 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop. | ||||
| CVE-2003-1239 | 1 Wihphoto | 1 Wihphoto | 2026-04-16 | N/A |
| Directory traversal vulnerability in sendphoto.php in WihPhoto 0.86 allows remote attackers to read arbitrary files via .. specifiers in the album parameter, and the target filename in the pic parameter. | ||||
| CVE-2003-1243 | 1 Sage | 1 Sage | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in Sage 1.0 b3 allows remote attackers to insert arbitrary HTML or web script via the mod parameter. | ||||
| CVE-2003-1245 | 1 Mambo | 1 Mambo Site Server | 2026-04-16 | N/A |
| index2.php in Mambo 4.0.12 allows remote attackers to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie. | ||||
| CVE-2003-1250 | 1 Efficient Networks | 1 5861 Dsl Router | 2026-04-16 | N/A |
| Efficient Networks 5861 DSL router, when running firmware 5.3.80 configured to block incoming TCP SYN, packets allows remote attackers to cause a denial of service (crash) via a flood of TCP SYN packets to the WAN interface using a port scanner such as nmap. | ||||
| CVE-2003-1261 | 1 Globalscape | 1 Cuteftp | 2026-04-16 | N/A |
| Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a denial of service (crash) by copying a long URL into a clipboard. | ||||
| CVE-2003-1262 | 1 Http Fetcher | 1 Http Fetcher Library | 2026-04-16 | N/A |
| Buffer overflow in the http_fetch function of HTTP Fetcher 1.0.0 and 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request via a long (1) host, (2) referer, or (3) userAgent value. | ||||
| CVE-2003-1285 | 1 Sambar | 1 Sambar Server | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server before 6.0 beta 6 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) isapi/testisa.dll, (2) testcgi.exe, (3) environ.pl, (4) the query parameter to samples/search.dll, (5) the price parameter to mortgage.pl, (6) the query string in dumpenv.pl, (7) the query string to dumpenv.pl, and (8) the E-Mail field of the guestbook script (book.pl). | ||||
| CVE-2003-1298 | 1 Anyportal Php | 1 Anyportal Php | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in siteman.php3 in AnyPortal(php) 12 MAY 00 allow remote attackers to (1) create, (2) delete, (3) save, and (4) upload files by navigating to the root directory and entering a filename beginning with "./.." (dot slash dot dot). | ||||
| CVE-2003-1304 | 1 Early Impact | 1 Productcart | 2026-04-16 | N/A |
| EarlyImpact ProductCart 1.0 through 2.0 stores database/EIPC.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information via a direct request. | ||||
| CVE-2003-1311 | 1 Netegrity | 1 Siteminder | 2026-04-16 | N/A |
| siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ensure that the TARGET parameter names a valid redirection resource, which allows remote attackers to construct a URL that might trick users into visiting an arbitrary web site referenced by this parameter. | ||||
| CVE-2003-1314 | 1 Eternalmart | 1 Eternalmart Guestbook | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in admin/auth.php in EternalMart Guestbook (EMGB) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the emgb_admin_path parameter. | ||||