|
350291
|
- |
|
logicworks
|
web_erp
|
WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2003-1383
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350292
|
- |
|
py_software
|
py-livredor
|
Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor 1.0 allows remote attackers to insert arbitrary web script or HTML via the (1) titre, (2) Votre pseudo, (3) Votre e-mail, or (4) V…
|
CWE-79
Cross-site Scripting
|
CVE-2003-1384
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350293
|
- |
|
invision_power_services
|
invision_power_board
|
ipchat.php in Invision Power Board 1.1.1 allows remote attackers to execute arbitrary PHP code, if register_globals is enabled, by modifying the root_path parameter to reference a URL on a remote web…
|
CWE-94
Code Injection
|
CVE-2003-1385
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350294
|
- |
|
axis
|
2400_video_server
2401_video_server
|
AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the server's /var/log/messages file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2003-1386
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350295
|
- |
|
research_triangle_software
|
cryptobuddy
|
RTS CryptoBuddy 1.2 and earlier truncates long passphrases without warning the user, which may make it easier to conduct certain brute force guessing attacks.
|
CWE-310
Cryptographic Issues
|
CVE-2003-1389
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350296
|
- |
|
research_triangle_software
|
cryptobuddy
|
RTS CryptoBuddy 1.2 and earlier stores bytes 53 through 55 of a 55-byte passphrase in plaintext, which makes it easier for local users to guess the passphrase.
|
CWE-310
Cryptographic Issues
|
CVE-2003-1390
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350297
|
- |
|
research_triangle_software
|
cryptobuddy
|
RTS CryptoBuddy 1.0 and 1.2 uses a weak encryption algorithm for the passphrase and generates predictable keys, which makes it easier for attackers to guess the passphrase.
|
CWE-310
Cryptographic Issues
|
CVE-2003-1391
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350298
|
- |
|
research_triangle_software
microsoft
|
cryptobuddy
all_windows
|
CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data.
|
CWE-310
Cryptographic Issues
|
CVE-2003-1392
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350299
|
- |
|
gupta_technologies
|
sqlbase
|
Buffer overflow in Gupta SQLBase 8.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long EXECUTE command.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2003-1393
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350300
|
- |
|
coffeecup_software
|
coffeecup_password_wizard
|
CoffeeCup Software Password Wizard 4.0 stores sensitive information such as usernames and passwords in a .apw file under the web document root with insufficient access control, which allows remote at…
|
CWE-255
Credentials Management
|
CVE-2003-1394
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
