Export limit exceeded: 348979 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 348979 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348979 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1154 | 1 Clearswift | 1 Mailsweeper | 2026-04-16 | N/A |
| MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants. | ||||
| CVE-2003-1156 | 1 Sun | 2 Jdk, Jre | 2026-04-16 | N/A |
| Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program. | ||||
| CVE-2003-1157 | 1 Citrix | 1 Metaframe | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuse_Message parameter. | ||||
| CVE-2003-1158 | 1 Plug And Play Software | 1 Plug And Play Web Server | 2026-04-16 | N/A |
| Multiple buffer overflows in the FTP service in Plug and Play Web Server 1.0002c allow remote attackers to cause a denial of service (crash) via long (1) dir, (2) ls, (3) delete, (4) mkdir, (5) DELE, (6) RMD, or (7) MKD commands. | ||||
| CVE-2003-1159 | 1 Plug And Play | 1 Plug And Play Web Server Proxy | 2026-04-16 | N/A |
| Plug and Play Web Server Proxy 1.0002c allows remote attackers to cause a denial of service (server crash) via an invalid URI in an HTTP GET request to TCP port 8080. | ||||
| CVE-2003-1161 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function. | ||||
| CVE-2003-1162 | 1 Tritanium Scripts | 1 Tritanium Bulletin Board | 2026-04-16 | N/A |
| index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to read and reply to arbitrary messages by modifying the thread_id, forum_id, and sid parameters. | ||||
| CVE-2003-1173 | 1 Centrinity | 1 Centrinity Firstclass | 2026-04-16 | N/A |
| Centrinity FirstClass 7.1 allows remote attackers to access sensitive information by appending search to the end of the URL and checking all of the search option checkboxes and leaving the text field blank, which will return all files in the searched directory. | ||||
| CVE-2003-1174 | 1 Nullsoft | 1 Shoutcast Server | 2026-04-16 | N/A |
| Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL. | ||||
| CVE-2003-1175 | 1 Synthetic Reality | 1 Sympoll | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 allows remote attackers to inject arbitrary web script or HTML via the vo parameter. | ||||
| CVE-2003-1176 | 1 Bdc Enterprises | 1 Web Wiz Forums | 2026-04-16 | N/A |
| post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote mode is used, allows remote attackers to read or write to private forums by modifying the FID (forum ID) parameter. | ||||
| CVE-2003-1178 | 1 Advanced Poll | 1 Advanced Poll | 2026-04-16 | N/A |
| Eval injection vulnerability in comments.php in Advanced Poll 2.0.2 allows remote attackers to execute arbitrary PHP code via the (1) id, (2) template_set, or (3) action parameter. | ||||
| CVE-2003-1179 | 1 Advanced Poll | 1 Advanced Poll | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2.0.2 allow remote attackers to execute arbitrary PHP code via the include_path parameter in (1) booth.php, (2) png.php, (3) poll_ssi.php, or (4) popup.php, the (5) base_path parameter to common.inc.php. | ||||
| CVE-2003-1188 | 1 Unichat | 1 Unichat | 2026-04-16 | N/A |
| Unichat allows remote attackers to cause a denial of service (crash) by adding extra chat characters (avatars) and logging in to a chat room, as demonstrated using duplicate ACTOR entries in u2res000.rit. | ||||
| CVE-2003-1181 | 1 Advanced Poll | 1 Advanced Poll | 2026-04-16 | N/A |
| Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo() function. | ||||
| CVE-2003-1182 | 1 Mpm | 1 Mpm Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MPM Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter. | ||||
| CVE-2003-1183 | 1 Oracle | 1 Oracle Files | 2026-04-16 | N/A |
| The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and 9.0.3.3.0 of Oracle Collaboration Suite Release 1 caches files despite the cacheability rules imposed by Oracle Files, which allows local users to gain access. | ||||
| CVE-2003-1184 | 1 Thwboard | 1 Thwboard | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta 2.8 and 2.81 allow remote attackers to inject arbitrary web script or HTML via (1) time in board.php, (2) the profile Homepage-Feld, (3) pictures, and (4) other "Diverse XSS Bugs." | ||||
| CVE-2003-1185 | 1 Thwboard | 1 Thwboard | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in ThWboard before Beta 2.8.2 allow remote attackers to inject arbitrary SQL commands via various vectors including (1) Admin-Center, (2) Announcements, (3) admin/calendar.php, and (4) showevent.php. | ||||
| CVE-2003-1186 | 1 Telcondex | 1 Simplewebserver | 2026-04-16 | N/A |
| Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header. | ||||