|
347791
|
- |
|
kazaa
|
kazaa_media_desktop
|
Buffer overflow in KaZaA Media Desktop 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a response to the ad server.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2003-1395
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347792
|
- |
|
cisco
|
ios
|
Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification).
|
CWE-200
Information Exposure
|
CVE-2003-1398
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347793
|
- |
|
eject
|
eject
|
eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, generates different error messages depending on whether a specified file exists or not, which allows local users to obtain sensi…
|
NVD-CWE-Other
|
CVE-2003-1399
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347794
|
- |
|
francisco_burzi
|
php-nuke
|
Cross-site scripting (XSS) vulnerability in the Your_Account module for PHP-Nuke 5.0 through 6.0 allows remote attackers to inject arbitrary web script or HTML via the user_avatar parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2003-1400
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347795
|
- |
|
php_board
|
php_board
|
login.php in php-Board 1.0 stores plaintext passwords in $username.txt with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information via …
|
CWE-255
Credentials Management
|
CVE-2003-1401
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347796
|
- |
|
kietu
|
kietu
|
PHP remote file inclusion vulnerability in hit.php for Kietu 2.0 and 2.3 allows remote attackers to execute arbitrary PHP code via the url_hit parameter, a different vulnerability than CVE-2006-5015.
|
CWE-20
Improper Input Validation
|
CVE-2003-1402
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347797
|
- |
|
dotbr
|
botbr
|
foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function.
|
CWE-20
Improper Input Validation
|
CVE-2003-1403
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347798
|
- |
|
dotbr
|
botbr
|
DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords.
|
CWE-200
Information Exposure
|
CVE-2003-1404
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347799
|
- |
|
dotbr
|
botbr
|
DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3.
|
CWE-20
Improper Input Validation
|
CVE-2003-1405
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347800
|
- |
|
adalis_infomatique
|
d_forum
|
PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer par…
|
CWE-94
Code Injection
|
CVE-2003-1406
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
