|
347661
|
- |
|
microsoft
|
outlook
outlook_express
|
Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2003-1378
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347662
|
- |
|
point_clark_networks
|
clarkconnect
|
clarkconnectd in ClarkConnect Linux 1.2 allows remote attackers to obtain sensitive information about the server via the characters (1) A, which reveals the date and time, (2) F, (3) M, which reveals…
|
CWE-200
Information Exposure
|
CVE-2003-1379
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347663
|
- |
|
bisonftp
|
bisonftp_server_4
|
Directory traversal vulnerability in BisonFTP Server 4 release 2 allows remote attackers to (1) list directories above the root via an 'ls @../' command, or (2) list files above the root via a "mget …
|
CWE-22
Path Traversal
|
CVE-2003-1380
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347664
|
- |
|
amxmod.net
|
amx_mod
|
Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life Server, allows remote attackers to execute arbitrary commands via format string specifiers in the amx_say…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2003-1381
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347665
|
- |
|
instantservers_inc.
|
ismail
|
Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2003-1382
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347666
|
- |
|
logicworks
|
web_erp
|
WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2003-1383
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347667
|
- |
|
py_software
|
py-livredor
|
Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor 1.0 allows remote attackers to insert arbitrary web script or HTML via the (1) titre, (2) Votre pseudo, (3) Votre e-mail, or (4) V…
|
CWE-79
Cross-site Scripting
|
CVE-2003-1384
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347668
|
- |
|
invision_power_services
|
invision_power_board
|
ipchat.php in Invision Power Board 1.1.1 allows remote attackers to execute arbitrary PHP code, if register_globals is enabled, by modifying the root_path parameter to reference a URL on a remote web…
|
CWE-94
Code Injection
|
CVE-2003-1385
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347669
|
- |
|
axis
|
2400_video_server
2401_video_server
|
AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the server's /var/log/messages file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2003-1386
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347670
|
- |
|
research_triangle_software
|
cryptobuddy
|
RTS CryptoBuddy 1.2 and earlier truncates long passphrases without warning the user, which may make it easier to conduct certain brute force guessing attacks.
|
CWE-310
Cryptographic Issues
|
CVE-2003-1389
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
