|
345741
|
- |
|
aprelium_technologies
|
abyss_web_server
|
Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2003-1337
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345742
|
- |
|
trend_micro
|
officescan
virus_buster
|
The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console …
|
CWE-16
Configuration
|
CVE-2003-1341
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345743
|
- |
|
trend_micro
|
scanmail
|
Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface…
|
CWE-287
Improper Authentication
|
CVE-2003-1343
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345744
|
- |
|
trend_micro
|
virus_control_system
|
Trend Micro Virus Control System (TVCS) Log Collector allows remote attackers to obtain usernames, encrypted passwords, and other sensitive information via a URL request for getservers.exe with the a…
|
CWE-310
Cryptographic Issues
|
CVE-2003-1344
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345745
|
- |
|
follett_software
|
webcollection_plus
|
Directory traversal vulnerability in s.dll in WebCollection Plus 5.00 allows remote attackers to view arbitrary files in c:\ via a full pathname in the d parameter.
|
CWE-22
Path Traversal
|
CVE-2003-1345
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345746
|
- |
|
d-link
|
dwl-900ap\+
|
D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allows remote attackers to set factory default settings by upgrading the firmware using AirPlus Access Point Manager.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2003-1346
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345747
|
- |
|
geeklog
|
geeklog
|
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote attackers to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profi…
|
CWE-79
Cross-site Scripting
|
CVE-2003-1347
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345748
|
- |
|
ftls
|
guestbook
|
Cross-site scripting (XSS) vulnerability in guestbook.cgi in ftls.org Guestbook 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) name, or (3) title field.
|
CWE-79
Cross-site Scripting
|
CVE-2003-1348
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345749
|
- |
|
thomas_krebs
|
niteserver_ftpd
|
Directory traversal vulnerability in NITE ftp-server (NiteServer) 1.83 allows remote attackers to list arbitrary directories via a "\.." (backslash dot dot) in the CD (CWD) command.
|
CWE-22
Path Traversal
|
CVE-2003-1349
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345750
|
- |
|
list_site_pro
|
list_site_pro
|
List Site Pro 2.0 allows remote attackers to hijack user accounts by inserting a "|" (pipe), which is used as a field delimiter, into the bannerurl field.
|
CWE-20
Improper Input Validation
|
CVE-2003-1350
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
