SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the search_id parameter.
Max CVSS
7.5
EPSS Score
2.00%
Published
2003-11-27
Updated
2017-07-11
SQL injection vulnerability in viewtopic.asp in VieBoard 2.6 allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
Max CVSS
7.5
EPSS Score
0.27%
Published
2003-11-03
Updated
2017-07-11
SQL injection vulnerability in getmember.asp in VieBoard 2.6 Beta 1 allows remote attackers to execute arbitrary SQL commands via the msn variable.
Max CVSS
7.5
EPSS Score
0.20%
Published
2003-11-23
Updated
2017-07-11
Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hierarchy, and (4) XML components packages in Oracle Oracle9i Application Server 9.0.2.00 through 3.0.9.8.5 allow remote attackers to execute arbitrary SQL commands via the URL.
Max CVSS
7.5
EPSS Score
0.27%
Published
2003-11-03
Updated
2017-07-11

CVE-2003-1192

Public exploit
Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request.
Max CVSS
10.0
EPSS Score
96.55%
Published
2003-11-03
Updated
2017-07-11
Multiple SQL injection vulnerabilities in ThWboard before Beta 2.8.2 allow remote attackers to inject arbitrary SQL commands via various vectors including (1) Admin-Center, (2) Announcements, (3) admin/calendar.php, and (4) showevent.php.
Max CVSS
7.5
EPSS Score
0.73%
Published
2003-11-03
Updated
2017-07-11
Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name.
Max CVSS
10.0
EPSS Score
27.43%
Published
2003-11-04
Updated
2017-07-11
Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows Explorer with SYSTEM privileges, which allows local users to gain privileges.
Max CVSS
10.0
EPSS Score
0.68%
Published
2003-11-03
Updated
2017-07-11

CVE-2003-1141

Public exploit
Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string to TCP port 515.
Max CVSS
7.5
EPSS Score
84.05%
Published
2003-11-04
Updated
2017-07-11
Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain root access.
Max CVSS
7.2
EPSS Score
0.18%
Published
2003-11-20
Updated
2018-10-30
Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
11.61%
Published
2003-11-03
Updated
2008-09-05
Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when the characters are expanded to "&lt;" and "&gt;" sequences.
Max CVSS
9.8
EPSS Score
19.30%
Published
2003-11-03
Updated
2024-02-02
The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" (slash) instead of "." (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method.
Max CVSS
7.5
EPSS Score
10.36%
Published
2003-11-17
Updated
2016-10-18
Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password.
Max CVSS
7.5
EPSS Score
0.51%
Published
2003-11-03
Updated
2008-09-05
Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system."
Max CVSS
7.5
EPSS Score
0.23%
Published
2003-11-03
Updated
2008-09-10
Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name.
Max CVSS
7.5
EPSS Score
4.81%
Published
2003-11-17
Updated
2022-03-01
Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request.
Max CVSS
7.5
EPSS Score
44.54%
Published
2003-11-17
Updated
2016-10-18
The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications.
Max CVSS
7.5
EPSS Score
5.93%
Published
2003-11-17
Updated
2018-10-30
Integer overflows in (1) base64_encode and (2) the GD library for PHP before 4.3.3 have unknown impact and unknown attack vectors.
Max CVSS
10.0
EPSS Score
0.38%
Published
2003-11-17
Updated
2018-10-30
Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors.
Max CVSS
10.0
EPSS Score
0.38%
Published
2003-11-17
Updated
2018-10-30
Pan 0.13.3 and earlier allows remote attackers to cause a denial of service (crash) via a news post with a long author email address.
Max CVSS
7.8
EPSS Score
1.79%
Published
2003-11-03
Updated
2008-09-05
The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets."
Max CVSS
7.5
EPSS Score
3.47%
Published
2003-11-17
Updated
2016-10-18
Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function.
Max CVSS
7.5
EPSS Score
9.77%
Published
2003-11-17
Updated
2016-10-18
Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8.
Max CVSS
7.5
EPSS Score
10.90%
Published
2003-11-17
Updated
2020-03-24
mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled.
Max CVSS
7.1
EPSS Score
0.04%
Published
2003-11-17
Updated
2024-02-16
50 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!