Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0479 | 1 Affordable Web Space Design | 1 Affordable Web Space Design Webbbs | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the guestbook for WebBBS allows remote attackers to insert arbitrary web script via the (1) Name, (2) Email, or (3) Message fields. | ||||
| CVE-2003-0473 | 1 Sgi | 1 Irix | 2025-04-03 | N/A |
| Unknown vulnerability in the IPv6 capability in IRIX 6.5.19 causes snoop to process packets as the root user, with unknown implications. | ||||
| CVE-2003-0484 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in viewtopic.php for phpBB allows remote attackers to insert arbitrary web script via the topic_id parameter. | ||||
| CVE-2003-0486 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | N/A |
| SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earlier allows remote attackers to steal password hashes via the topic_id parameter. | ||||
| CVE-2003-0488 | 1 Kerio | 1 Kerio Mailserver | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServer 5.6.3 allow remote attackers to insert arbitrary web script via (1) the add_name parameter in the add_acl module, or (2) the alias parameter in the do_map module. | ||||
| CVE-2003-0489 | 1 Michael C. Toren | 1 Tcptraceroute | 2025-04-03 | N/A |
| tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute. | ||||
| CVE-2003-0492 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp for Snitz Forums 3.4.03 and earlier allows remote attackers to execute arbitrary web script via the Search parameter. | ||||
| CVE-2003-0493 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2025-04-03 | N/A |
| Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID. | ||||
| CVE-2003-0494 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2025-04-03 | N/A |
| password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to password.asp with a modified member id. | ||||
| CVE-2003-0495 | 1 Ledscripts.com | 1 Lednews | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in LedNews 0.7 allows remote attackers to insert arbitrary web script via a news item. | ||||
| CVE-2003-0491 | 1 Mytutorials | 1 Tutorials | 2025-04-03 | N/A |
| The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote attackers to execute arbitrary code by uploading a PHP file without a MIME image type, then directly accessing the uploaded file. | ||||
| CVE-2003-0506 | 1 Microsoft | 1 Netmeeting | 2025-04-03 | N/A |
| Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to cause a denial of service (shutdown of NetMeeting conference) via malformed packets, as demonstrated via the chat conversation. | ||||
| CVE-2003-0505 | 1 Microsoft | 1 Netmeeting | 2025-04-03 | N/A |
| Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to read arbitrary files via "..\.." (dot dot) sequences in a file transfer request. | ||||
| CVE-2003-0515 | 1 Teapop | 1 Teapop | 2025-04-03 | N/A |
| SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges. | ||||
| CVE-2003-0511 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL. | ||||
| CVE-2003-0514 | 1 Apple | 1 Safari | 2025-04-03 | N/A |
| Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | ||||
| CVE-2003-0520 | 1 Cerulean Studios | 1 Trillian | 2025-04-03 | N/A |
| Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the "TypingUser" string has been modified. | ||||
| CVE-2003-0519 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Certain versions of Internet Explorer 5 and 6, in certain Windows environments, allow remote attackers to cause a denial of service (freeze) via a URL to C:\aux (MS-DOS device name) and possibly other devices. | ||||
| CVE-2003-0522 | 1 Early Impact | 1 Productcart | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in ProductCart 1.5 through 2 allow remote attackers to (1) gain access to the admin control panel via the idadmin parameter to login.asp or (2) gain other privileges via the Email parameter to Custva.asp. | ||||
| CVE-2003-0523 | 1 Early Impact | 1 Productcart | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in msg.asp for certain versions of ProductCart allow remote attackers to execute arbitrary web script via the message parameter. | ||||