ReportizFlow
Filtered by vendor
Subscriptions
Total
29911 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1089 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message. | ||||
| CVE-2003-1092 | 1 Christos Zoulas | 1 File 1 | 2026-04-16 | N/A |
| Unknown vulnerability in the "Automatic File Content Type Recognition (AFCTR) Tool version of the file package before 3.41, related to "a memory allocation problem," has unknown impact. | ||||
| CVE-2003-1101 | 1 Hummingbird | 1 Cyberdocs | 2026-04-16 | N/A |
| Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM Web Server via invalid login credentials, which reveals the path in an error message. | ||||
| CVE-2003-1107 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| The DHTML capability in Microsoft Windows Media Player (WMP) 6.4, 7.0, 7.1, and 9 may run certain URL commands from a security zone that is less trusted than the current zone, which allows attackers to bypass intended access restrictions. | ||||
| CVE-2003-1108 | 1 Alcatel-lucent | 1 Omnipcx | 2026-04-16 | N/A |
| The Session Initiation Protocol (SIP) implementation in Alcatel OmniPCX Enterprise 5.0 Lx allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | ||||
| CVE-2003-1111 | 1 Dynamicsoft | 1 Appengine | 2026-04-16 | N/A |
| The Session Initiation Protocol (SIP) implementation in multiple dynamicsoft products including y and certain demo products for AppEngine allows remote attackers to cause a denial of service or execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | ||||
| CVE-2003-1123 | 1 Sun | 2 Jdk, Jre | 2026-04-16 | N/A |
| Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model. | ||||
| CVE-2003-1124 | 1 Sun | 1 Management\+center | 2026-04-16 | N/A |
| Unknown vulnerability in Sun Management Center (SunMC) 2.1.1, 3.0, and 3.0 Revenue Release (RR), when installed and run by root, allows local users to create or modify arbitrary files. | ||||
| CVE-2003-1125 | 1 Sun | 1 One Directory Server | 2026-04-16 | N/A |
| Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP clients to cause a denial of service (service halt). | ||||
| CVE-2003-1128 | 1 X2 Studios | 1 Xmms Remote | 2026-04-16 | N/A |
| XMMS.pm in X2 XMMS Remote, as obtained from the vendor server between 4 AM 11 AM PST on May 7, 2003, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to TCP port 8086. | ||||
| CVE-2003-1131 | 1 Activecampaign | 1 Knowledgebuilder | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2003-1135 | 1 Yahoo | 1 Messenger | 2026-04-16 | N/A |
| Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service (crash) via a file send request (sendfile) with a large number of "%" (percent) characters after the Yahoo ID. | ||||
| CVE-2003-1148 | 1 Les Visiteurs | 1 Les Visiteurs | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allow remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter to (1) config.inc.php or (2) new-visitor.inc.php in common/visiteurs/include/. | ||||
| CVE-2003-1152 | 1 Infrontech | 1 Webtide | 2026-04-16 | N/A |
| WebTide 7.04 allows remote attackers to list arbitrary directories via an HTTP request for %3f.jsp (encoded "?"). | ||||
| CVE-2003-1159 | 1 Plug And Play | 1 Plug And Play Web Server Proxy | 2026-04-16 | N/A |
| Plug and Play Web Server Proxy 1.0002c allows remote attackers to cause a denial of service (server crash) via an invalid URI in an HTTP GET request to TCP port 8080. | ||||
| CVE-2003-1160 | 1 Seyeon | 1 Flexwatch Network Video Server | 2026-04-16 | N/A |
| FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain administrative privileges via an HTTP request to aindex.htm that contains double leading slashes (//). | ||||
| CVE-2003-1162 | 1 Tritanium Scripts | 1 Tritanium Bulletin Board | 2026-04-16 | N/A |
| index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to read and reply to arbitrary messages by modifying the thread_id, forum_id, and sid parameters. | ||||
| CVE-2003-1168 | 1 Http Commander | 1 Http Commander | 2026-04-16 | N/A |
| HTTP Commander 4.0 allows remote attackers to obtain sensitive information via an HTTP request that contains a . (dot) in the file parameter, which reveals the installation path in an error message. | ||||
| CVE-2003-1177 | 1 Atrium Software | 1 Mercur Mailserver | 2026-04-16 | N/A |
| Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) AUTH command to the POP3 server or (2) AUTHENTICATE command to the IMAP server. | ||||
| CVE-2003-1179 | 1 Advanced Poll | 1 Advanced Poll | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2.0.2 allow remote attackers to execute arbitrary PHP code via the include_path parameter in (1) booth.php, (2) png.php, (3) poll_ssi.php, or (4) popup.php, the (5) base_path parameter to common.inc.php. | ||||