Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-12-31 | CVE-2003-1527 | BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | 4.3 |
2003-12-31 | CVE-2003-1526 | Information Exposure vulnerability in Francisco Burzi PHP-Nuke 7.0 PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such as (1) ", (2) ', or (3) > in the search field, which reveals the path in an error message. | 5.0 |
2003-12-31 | CVE-2003-1525 | Unspecified vulnerability in My Photo Gallery Unspecified vulnerability in My Photo Gallery 3.5, and possibly earlier versions, has unknown impact and attack vectors. | 10.0 |
2003-12-31 | CVE-2003-1524 | Permissions, Privileges, and Access Controls vulnerability in Pgpi Pgpdisk 6.0.2I PGPi PGPDisk 6.0.2i does not unmount a PGP partition when the switch user function in Windows XP is used, which could allow local users to access data on another user's PGP partition. | 6.3 |
2003-12-31 | CVE-2003-1523 | SQL Injection vulnerability in Dbmail 1.0/1.1 SQL injection vulnerability in the IMAP daemon in dbmail 1.1 allows remote attackers to execute arbitrary SQL commands via the (1) login username, (2) mailbox name, and possibly other attack vectors. | 7.5 |
2003-12-31 | CVE-2003-1522 | Cross-Site Scripting vulnerability in Pscs Vpop3 web Mail Server 2.0E/2.0F Cross-site scripting (XSS) vulnerability in PSCS VPOP3 Web Mail server 2.0e and 2.0f allows remote attackers to inject arbitrary web script or HTML via the redirect parameter to the admin/index.html page. | 4.3 |
2003-12-31 | CVE-2003-1521 | Unspecified vulnerability in SUN Java Plug-In Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model. | 6.4 |
2003-12-31 | CVE-2003-1520 | SQL Injection vulnerability in Fuzzymonkey Myclassifieds 2.11 SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows remote attackers to execute arbitrary SQL commands via the email parameter. | 6.8 |
2003-12-31 | CVE-2003-1519 | Cross-Site Scripting vulnerability in Vivisimo Clustering Engine 0 Cross-site scripting (XSS) vulnerability in Vivisimo clustering engine allows remote attackers to inject arbitrary web script or HTML via the query parameter to the search program. | 4.3 |
2003-12-31 | CVE-2003-1518 | Buffer Errors vulnerability in Adiscon Winsyslog 4.21Sp1/5.0Beta Adiscon WinSyslog 4.21 SP1 allows remote attackers to cause a denial of service (CPU consumption) via a long syslog message. | 7.8 |