|
300011
|
- |
|
netbus
|
netbus
|
Netbus 1.5 through 1.7 allows more than one client to be connected at the same time, but only prompts the first connection for authentication, which allows remote attackers to gain access.
|
CWE-287
Improper Authentication
|
CVE-2003-1475
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300012
|
- |
|
clearswift
|
mailsweeper_for_smtp
|
MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains "embedded objects."
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2003-1477
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300013
|
- |
|
kde
|
konqueror
|
Konqueror in KDE 3.0.3 allows remote attackers to cause a denial of service (core dump) via a web page that begins with a "xFFxFE" byte sequence and a large number of CRLF sequences, as demonstrated …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2003-1478
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300014
|
- |
|
darkwet
|
webcam_xp
|
Cross-site scripting (XSS) vulnerability in webcamXP 1.02.432 and 1.02.535 allows remote attackers to inject arbitrary web script or HTML via the message field.
|
CWE-79
Cross-site Scripting
|
CVE-2003-1479
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300015
|
- |
|
stalker
|
communigate_pro
|
CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that …
|
CWE-200
Information Exposure
|
CVE-2003-1481
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300016
|
- |
|
flashfxp
|
flashfxp
|
FlashFXP 1.4 uses a weak encryption algorithm for user passwords, which allows attackers to decrypt the passwords and gain access.
|
CWE-255
CWE-310
Credentials Management
Cryptographic Issues
|
CVE-2003-1483
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300017
|
- |
|
microsoft
|
ie
|
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) by creating a DHTML link that uses the AnchorClick "A" object with a blank href attribute.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2003-1484
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300018
|
- |
|
phorum
|
phorum
|
Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an incorrect HTTP request to (1) smileys.php, (2) quick_listrss.php, (3) purge.php, (4) news.php, (5) me…
|
CWE-200
Information Exposure
|
CVE-2003-1486
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300019
|
- |
|
phorum
|
phorum
|
Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, …
|
CWE-20
Improper Input Validation
|
CVE-2003-1487
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300020
|
- |
|
truelogik
|
truegalerie
|
The (1) verif_admin.php and (2) check_admin.php scripts in Truegalerie 1.0 allow remote attackers to gain administrator access via a request to admin.php without the connect parameter and with the lo…
|
CWE-20
Improper Input Validation
|
CVE-2003-1488
|
2017-07-29 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
