| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2003-1561 |
200 |
|
+Info |
2003-12-31 |
2009-01-29 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. |
|
2 |
CVE-2003-1560 |
200 |
|
+Info |
2003-12-31 |
2009-01-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. |
|
3 |
CVE-2003-1559 |
200 |
|
+Info |
2003-12-31 |
2009-01-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. |
|
4 |
CVE-2003-1555 |
200 |
|
+Info |
2003-12-31 |
2018-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive information via an invalid PG parameter in view.php, which reveals the installation path in an error message. |
|
5 |
CVE-2003-1553 |
200 |
|
+Info |
2003-12-31 |
2018-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password and other user information via a direct request to a user-specific configuration directory. |
|
6 |
CVE-2003-1550 |
200 |
|
+Info |
2003-12-31 |
2017-08-07 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
XOOPS 2.0, and possibly earlier versions, allows remote attackers to obtain sensitive information via an invalid xoopsOption parameter, which reveals the installation path in an error message. |
|
7 |
CVE-2003-1548 |
200 |
|
+Info |
2003-12-31 |
2018-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message. |
|
8 |
CVE-2003-1541 |
264 |
|
+Info |
2003-12-31 |
2018-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
PlanetMoon Guestbook tr3.a stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the admin script password, and other passwords, via a direct request to files/passwd.txt. |
|
9 |
CVE-2003-1540 |
200 |
|
+Info |
2003-12-31 |
2018-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
WF-Chat 1.0 Beta stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain authentication information via a direct request to (1) !pwds.txt and (2) !nicks.txt. |
|
10 |
CVE-2003-1535 |
200 |
|
+Info |
2003-12-31 |
2018-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Justice Guestbook 1.3 allows remote attackers to obtain the full installation path via a direct request to cfooter.php3, which leaks the path in an error message. |
|
11 |
CVE-2003-1526 |
200 |
|
+Info |
2003-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such as (1) ", (2) ', or (3) > in the search field, which reveals the path in an error message. |
|
12 |
CVE-2003-1517 |
200 |
|
+Info |
2003-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
cart.pl in Dansie shopping cart allows remote attackers to obtain the installation path via an invalid db parameter, which leaks the path in an error message. |
|
13 |
CVE-2003-1486 |
200 |
|
+Info |
2003-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an incorrect HTTP request to (1) smileys.php, (2) quick_listrss.php, (3) purge.php, (4) news.php, (5) memberlist.php, (6) forum_listrss.php, (7) forum_list_rdf.php, (8) forum_list.php, or (9) move.php, which leaks the information in an error message. |
|
14 |
CVE-2003-1481 |
200 |
|
+Info |
2003-12-31 |
2017-07-28 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer. |
|
15 |
CVE-2003-1469 |
200 |
|
+Info |
2003-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message. |
|
16 |
CVE-2003-1468 |
200 |
|
+Info |
2003-12-31 |
2017-07-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The Web_Links module in PHP-Nuke 6.0 through 6.5 final allows remote attackers to obtain the full web server path via an invalid cid parameter that is non-numeric or null, which leaks the pathname in an error message. |
|
17 |
CVE-2003-1460 |
264 |
|
+Info |
2003-12-31 |
2008-09-05 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
Worker Filemanager 1.0 through 2.7 sets the permissions on the destination directory to world-readable and executable while copying data, which could allow local users to obtain sensitive information. |
|
18 |
CVE-2003-1439 |
255 |
|
+Info |
2003-12-31 |
2018-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores passwords and sessions in plaintext in memory, which could allow local users to obtain sensitive information. |
|
19 |
CVE-2003-1423 |
264 |
|
+Info |
2003-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords. |
|
20 |
CVE-2003-1418 |
200 |
|
+Info |
2003-12-31 |
2017-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID). |
|
21 |
CVE-2003-1415 |
119 |
|
Overflow +Info |
2003-12-31 |
2017-07-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
NetCharts XBRL Server 4.0.0 allows remote attackers to obtain sensitive information via an HTTP request with an invalid chunked transfer encoding specification. |
|
22 |
CVE-2003-1409 |
200 |
|
+Info |
2003-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
TOPo 1.43 allows remote attackers to obtain sensitive information by sending an HTTP request with an invalid parameter to (1) in.php or (2) out.php, which reveals the path to the TOPo directory in the error message. |
|
23 |
CVE-2003-1408 |
200 |
|
+Info |
2003-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot. |
|
24 |
CVE-2003-1404 |
200 |
|
+Info |
2003-12-31 |
2017-07-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords. |
|
25 |
CVE-2003-1403 |
20 |
|
+Info |
2003-12-31 |
2017-07-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function. |
|
26 |
CVE-2003-1401 |
255 |
|
+Info |
2003-12-31 |
2017-07-28 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
login.php in php-Board 1.0 stores plaintext passwords in $username.txt with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information via a direct request. |
|
27 |
CVE-2003-1399 |
|
|
+Info |
2003-12-31 |
2017-07-28 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, generates different error messages depending on whether a specified file exists or not, which allows local users to obtain sensitive information. |
|
28 |
CVE-2003-1398 |
200 |
|
DoS +Info |
2003-12-31 |
2017-07-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification). |
|
29 |
CVE-2003-1394 |
255 |
|
+Info |
2003-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
CoffeeCup Software Password Wizard 4.0 stores sensitive information such as usernames and passwords in a .apw file under the web document root with insufficient access control, which allows remote attackers to obtain that information via a direct request for the file. |
|
30 |
CVE-2003-1386 |
264 |
|
+Info |
2003-12-31 |
2017-07-28 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the server's /var/log/messages file. |
|
31 |
CVE-2003-1383 |
264 |
|
+Info |
2003-12-31 |
2017-07-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password. |
|
32 |
CVE-2003-1379 |
200 |
|
+Info |
2003-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
clarkconnectd in ClarkConnect Linux 1.2 allows remote attackers to obtain sensitive information about the server via the characters (1) A, which reveals the date and time, (2) F, (3) M, which reveals 'ifconfig' information, (4) P, which lists the processes, (5) Y, which reveals the snort log files, or (6) b, which reveals /var/log/messages. |
|
33 |
CVE-2003-1371 |
79 |
|
XSS +Info |
2003-12-31 |
2017-07-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Nuked-Klan 1.3b, and possibly earlier versions, allows remote attackers to obtain sensitive server information via an op parameter set to phpinfo for the (1) Team, (2) News, or (3) Liens modules. |
|
34 |
CVE-2003-1366 |
200 |
|
+Info |
2003-12-31 |
2017-07-28 |
3.3 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
None |
|
chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information. |
|
35 |
CVE-2003-1344 |
310 |
|
+Info |
2003-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Trend Micro Virus Control System (TVCS) Log Collector allows remote attackers to obtain usernames, encrypted passwords, and other sensitive information via a URL request for getservers.exe with the action parameter set to "selects1", which returns log files. |
|
36 |
CVE-2003-1316 |
|
|
+Info |
2003-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) value in the lng parameter, which reveals the path in an error message. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. |
|
37 |
CVE-2003-1306 |
|
|
+Info |
2003-12-31 |
2008-09-05 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, allows remote attackers to obtain sensitive information (server name and version) via an HTTP request that generates certain errors such as 400 "Bad Request," which leak the Server header in the response. |
|
38 |
CVE-2003-1304 |
|
|
+Info |
2003-12-31 |
2018-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
EarlyImpact ProductCart 1.0 through 2.0 stores database/EIPC.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information via a direct request. |
|
39 |
CVE-2003-1297 |
|
|
+Info |
2003-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files. |
|
40 |
CVE-2003-1290 |
|
|
+Info |
2003-12-31 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, with RMI and anonymous admin lookup enabled, allows remote attackers to obtain configuration information by accessing MBeanHome via the Java Naming and Directory Interface (JNDI). |
|
41 |
CVE-2003-1284 |
|
|
+Info |
2003-12-31 |
2017-07-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Sambar Server before 6.0 beta 6 allows remote attackers to obtain sensitive information via direct requests to the default scripts (1) environ.pl and (2) testcgi.exe. |
|
42 |
CVE-2003-1282 |
|
|
+Info |
2003-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
IBM Net.Data allows remote attackers to obtain sensitive information such as path names, server names and possibly user names and passwords by causing the (1) $(DTW_CURRENT_FILENAME), (2) $(DATABASE), (3) $(LOGIN), (4) $(PASSWORD), and possibly other predefined variables that can be echoed back to the user via a web form. |
|
43 |
CVE-2003-1268 |
|
|
Sql +Info |
2003-12-31 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple SQL injection vulnerabilities in (1) addcustomer.asp, (2) addprod.asp, and (3) process.asp in a.shopKart 2.0.3 allow remote attackers to execute arbitrary SQL and obtain sensitive information via the zip, state, country, phone, and fax parameters. |
|
44 |
CVE-2003-1257 |
|
|
+Info |
2003-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
find_theni_home.php in E-theni allows remote attackers to obtain sensitive system information via a URL request which executes phpinfo. |
|
45 |
CVE-2003-1235 |
|
|
+Info |
2003-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
BRW WebWeaver 1.03 allows remote attackers to obtain sensitive server environment information via a URL request for testcgi.exe, which lists the values of environment variables and the current working directory. |
|
46 |
CVE-2003-1213 |
|
|
+Info |
2003-12-31 |
2017-07-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb. |
|
47 |
CVE-2003-1181 |
|
|
+Info |
2003-10-25 |
2017-07-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo() function. |
|
48 |
CVE-2003-1168 |
|
|
+Info |
2003-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
HTTP Commander 4.0 allows remote attackers to obtain sensitive information via an HTTP request that contains a . (dot) in the file parameter, which reveals the installation path in an error message. |
|
49 |
CVE-2003-1116 |
|
|
Bypass +Info |
2003-12-31 |
2017-07-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications Concurrent Manager by spoofing requests to the TNS Listener. |
|
50 |
CVE-2003-0943 |
|
|
+Info |
2003-12-15 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web Database Manager (webdbm). |
