SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the search_id parameter.
Max CVSS
7.5
EPSS Score
2.00%
Published
2003-11-27
Updated
2017-07-11
SQL injection vulnerability in viewtopic.asp in VieBoard 2.6 allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
Max CVSS
7.5
EPSS Score
0.27%
Published
2003-11-03
Updated
2017-07-11
SQL injection vulnerability in getmember.asp in VieBoard 2.6 Beta 1 allows remote attackers to execute arbitrary SQL commands via the msn variable.
Max CVSS
7.5
EPSS Score
0.20%
Published
2003-11-23
Updated
2017-07-11
Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hierarchy, and (4) XML components packages in Oracle Oracle9i Application Server 9.0.2.00 through 3.0.9.8.5 allow remote attackers to execute arbitrary SQL commands via the URL.
Max CVSS
7.5
EPSS Score
0.27%
Published
2003-11-03
Updated
2017-07-11

CVE-2003-1192

Public exploit
Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request.
Max CVSS
10.0
EPSS Score
96.55%
Published
2003-11-03
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in PHPRecipeBook 1.24 through 2.17 allows remote attackers to inject arbitrary web script or HTML via a recipe.
Max CVSS
4.3
EPSS Score
0.48%
Published
2003-11-03
Updated
2017-07-11
Unichat allows remote attackers to cause a denial of service (crash) by adding extra chat characters (avatars) and logging in to a chat room, as demonstrated using duplicate ACTOR entries in u2res000.rit.
Max CVSS
5.0
EPSS Score
1.95%
Published
2003-11-02
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in include.php in PHPKIT 1.6.02 and 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the contact_email parameter.
Max CVSS
6.8
EPSS Score
1.06%
Published
2003-11-02
Updated
2017-07-11
Multiple SQL injection vulnerabilities in ThWboard before Beta 2.8.2 allow remote attackers to inject arbitrary SQL commands via various vectors including (1) Admin-Center, (2) Announcements, (3) admin/calendar.php, and (4) showevent.php.
Max CVSS
7.5
EPSS Score
0.73%
Published
2003-11-03
Updated
2017-07-11
Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta 2.8 and 2.81 allow remote attackers to inject arbitrary web script or HTML via (1) time in board.php, (2) the profile Homepage-Feld, (3) pictures, and (4) other "Diverse XSS Bugs."
Max CVSS
4.3
EPSS Score
1.61%
Published
2003-11-03
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in MPM Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter.
Max CVSS
6.8
EPSS Score
0.71%
Published
2003-11-03
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in friendmail.php in OpenAutoClassifieds 1.0 allows remote attackers to inject arbitrary web script or HTML via the listing parameter.
Max CVSS
6.8
EPSS Score
2.27%
Published
2003-11-03
Updated
2017-07-11
Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name.
Max CVSS
10.0
EPSS Score
27.43%
Published
2003-11-04
Updated
2017-07-11
Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows Explorer with SYSTEM privileges, which allows local users to gain privileges.
Max CVSS
10.0
EPSS Score
0.68%
Published
2003-11-03
Updated
2017-07-11

CVE-2003-1141

Public exploit
Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string to TCP port 515.
Max CVSS
7.5
EPSS Score
84.05%
Published
2003-11-04
Updated
2017-07-11
Monit 1.4 to 4.1 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request with a negative Content-Length field.
Max CVSS
5.0
EPSS Score
6.47%
Published
2003-11-24
Updated
2017-07-11
Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain root access.
Max CVSS
7.2
EPSS Score
0.18%
Published
2003-11-20
Updated
2018-10-30
Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
11.61%
Published
2003-11-03
Updated
2008-09-05
Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when the characters are expanded to "&lt;" and "&gt;" sequences.
Max CVSS
9.8
EPSS Score
19.30%
Published
2003-11-03
Updated
2024-02-02
IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2.
Max CVSS
4.6
EPSS Score
0.04%
Published
2003-11-17
Updated
2016-10-18
"Shatter" vulnerability in CommCtl32.dll in Windows XP may allow local users to execute arbitrary code by sending (1) BCM_GETTEXTMARGIN or (2) BCM_SETTEXTMARGIN button control messages to privileged applications.
Max CVSS
4.6
EPSS Score
0.04%
Published
2003-11-17
Updated
2017-07-11
The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" (slash) instead of "." (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method.
Max CVSS
7.5
EPSS Score
10.36%
Published
2003-11-17
Updated
2016-10-18
Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote attackers, to cause a denial of service (crash), access portions of memory, and possibly execute arbitrary code via a long command line argument (argv[]).
Max CVSS
4.6
EPSS Score
0.32%
Published
2003-11-03
Updated
2017-07-11
Buffer overflow in the (1) oracle and (2) oracleO programs in Oracle 9i Database 9.0.x and 9.2.x before 9.2.0.4 allows local users to execute arbitrary code via a long command line argument.
Max CVSS
4.6
EPSS Score
0.08%
Published
2003-11-17
Updated
2017-07-11
The System Preferences capability in Mac OS X before 10.3 allows local users to access secure Preference Panes for a short period after an administrator has authenticated to the system.
Max CVSS
4.6
EPSS Score
0.04%
Published
2003-11-03
Updated
2008-09-05
93 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!