Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-12-31 | CVE-2003-1414 | Path Traversal vulnerability in Apple products Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... | 4.3 |
| 2003-12-31 | CVE-2003-1413 | Path Traversal vulnerability in Apple products parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages. | 4.3 |
| 2003-12-31 | CVE-2003-1412 | Code Injection vulnerability in Gonicus System Administration 1.0 PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0 allows remote attackers to execute arbitrary PHP code via the plugin parameter to (1) 3fax/1blocklists/index.php; (2) 6departamentadmin/index.php, (3) 5terminals/index.php, (4) 4mailinglists/index.php, (5) 3departaments/index.php, and (6) 2groupd/index.php in 2administration/; or (7) the base parameter to include/help.php. | 6.8 |
| 2003-12-31 | CVE-2003-1411 | Code Injection vulnerability in Isoca Cedric Email Reader 0.4 PHP remote file inclusion vulnerability in emailreader_execute_on_each_page.inc.php in Cedric Email Reader 0.4 allows remote attackers to execute arbitrary PHP code via the emailreader_ini parameter. | 6.8 |
| 2003-12-31 | CVE-2003-1410 | Code Injection vulnerability in Isoca Cedric Email Reader 0.2/0.3 PHP remote file inclusion vulnerability in email.php (aka email.php3) in Cedric Email Reader 0.2 and 0.3 allows remote attackers to execute arbitrary PHP code via the cer_skin parameter. | 6.8 |
| 2003-12-31 | CVE-2003-1409 | Information Exposure vulnerability in EJ3 Topo 1.43 TOPo 1.43 allows remote attackers to obtain sensitive information by sending an HTTP request with an invalid parameter to (1) in.php or (2) out.php, which reveals the path to the TOPo directory in the error message. | 5.0 |
| 2003-12-31 | CVE-2003-1408 | Information Exposure vulnerability in Lotus Domino Server 5.0/6.0 Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot. | 5.0 |
| 2003-12-31 | CVE-2003-1407 | Buffer Errors vulnerability in Microsoft Windows NT 4.0 Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command. | 7.2 |
| 2003-12-31 | CVE-2003-1406 | Code Injection vulnerability in Adalis Infomatique D Forum 1.0/1.10/1.11 PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer parameter to footer.php3. | 7.5 |
| 2003-12-31 | CVE-2003-1405 | Improper Input Validation vulnerability in Dotbr Botbr 0.1 DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3. | 7.5 |