Export limit exceeded: 345089 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345089 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345089 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345089 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1212 | 1 Maxwebportal | 1 Maxwebportal | 2026-04-16 | N/A |
| MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form fields, such as the (1) news, (2) lock, or (3) allmem fields in the 'start new topic' HTML page. | ||||
| CVE-2003-1213 | 1 Maxwebportal | 1 Maxwebportal | 2026-04-16 | N/A |
| The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb. | ||||
| CVE-2003-1205 | 1 Crob | 1 Crob Ftp Server | 2026-04-16 | N/A |
| Crob FTP Server 2.60.1 allows remote authenticated users to cause a denial of service (crash) by renaming a file to the "con" MS-DOS device name. | ||||
| CVE-2003-0743 | 1 University Of Cambridge | 1 Exim | 2026-04-16 | N/A |
| Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer. | ||||
| CVE-2003-1202 | 1 Omail | 1 Omail Webmail | 2026-04-16 | N/A |
| The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) password, (2) domainname, or (3) username. | ||||
| CVE-2003-1200 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a long From parameter to Form2Raw.cgi. | ||||
| CVE-2003-1190 | 1 Phprecipebook | 1 Phprecipebook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PHPRecipeBook 1.24 through 2.17 allows remote attackers to inject arbitrary web script or HTML via a recipe. | ||||
| CVE-2003-1186 | 1 Telcondex | 1 Simplewebserver | 2026-04-16 | N/A |
| Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header. | ||||
| CVE-2003-1185 | 1 Thwboard | 1 Thwboard | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in ThWboard before Beta 2.8.2 allow remote attackers to inject arbitrary SQL commands via various vectors including (1) Admin-Center, (2) Announcements, (3) admin/calendar.php, and (4) showevent.php. | ||||
| CVE-2003-1184 | 1 Thwboard | 1 Thwboard | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta 2.8 and 2.81 allow remote attackers to inject arbitrary web script or HTML via (1) time in board.php, (2) the profile Homepage-Feld, (3) pictures, and (4) other "Diverse XSS Bugs." | ||||
| CVE-2003-1183 | 1 Oracle | 1 Oracle Files | 2026-04-16 | N/A |
| The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and 9.0.3.3.0 of Oracle Collaboration Suite Release 1 caches files despite the cacheability rules imposed by Oracle Files, which allows local users to gain access. | ||||
| CVE-2003-1182 | 1 Mpm | 1 Mpm Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MPM Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter. | ||||
| CVE-2003-1181 | 1 Advanced Poll | 1 Advanced Poll | 2026-04-16 | N/A |
| Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo() function. | ||||
| CVE-2003-1179 | 1 Advanced Poll | 1 Advanced Poll | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2.0.2 allow remote attackers to execute arbitrary PHP code via the include_path parameter in (1) booth.php, (2) png.php, (3) poll_ssi.php, or (4) popup.php, the (5) base_path parameter to common.inc.php. | ||||
| CVE-2003-1178 | 1 Advanced Poll | 1 Advanced Poll | 2026-04-16 | N/A |
| Eval injection vulnerability in comments.php in Advanced Poll 2.0.2 allows remote attackers to execute arbitrary PHP code via the (1) id, (2) template_set, or (3) action parameter. | ||||
| CVE-2003-1177 | 1 Atrium Software | 1 Mercur Mailserver | 2026-04-16 | N/A |
| Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) AUTH command to the POP3 server or (2) AUTHENTICATE command to the IMAP server. | ||||
| CVE-2003-1174 | 1 Nullsoft | 1 Shoutcast Server | 2026-04-16 | N/A |
| Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL. | ||||
| CVE-2003-1170 | 1 Gernot Stocker | 1 Kpopup | 2026-04-16 | N/A |
| Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via format string specifiers in command line arguments. | ||||
| CVE-2003-1163 | 1 Ganglia | 1 Gmond | 2026-04-16 | N/A |
| hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a denial of service (segmentation fault) via a UDP packet that contains a single-byte name string, which is used as an out-of-bounds array index. | ||||
| CVE-2003-1145 | 1 Openautoclassifieds | 1 Openautoclassifieds | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in friendmail.php in OpenAutoClassifieds 1.0 allows remote attackers to inject arbitrary web script or HTML via the listing parameter. | ||||