Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-08-18 | CVE-2003-0590 | Cross-Site Scripting vulnerability in Splatt Forum Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote attackers to insert arbitrary HTML and web script via the post icon (image_subject) field. network splatt | 7.1 |
2003-08-18 | CVE-2003-0586 | Remote Security vulnerability in Brooky Estore 1.0.2B Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to obtain sensitive path information via a direct HTTP request to settings.inc.php. | 7.5 |
2003-08-18 | CVE-2003-0585 | SQL-Injection vulnerability in Brooky Estore 1.0.2B SQL injection vulnerability in login.asp of Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to bypass authentication and execute arbitrary SQL code via the (1) user or (2) pass parameters. | 7.5 |
2003-08-18 | CVE-2003-0584 | Local Security vulnerability in BRU Format string vulnerability in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via format string specifiers in a command line argument. | 7.2 |
2003-08-18 | CVE-2003-0583 | Local Security vulnerability in BRU Buffer overflow in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via a long command line argument. | 7.2 |
2003-08-18 | CVE-2003-0581 | Unspecified vulnerability in Xfstt 1.2.1/1.4 X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a (1) FS_QueryXExtents8 or (2) FS_QueryXBitmaps8 packet, and possibly other types of packets, with a large num_ranges value, which causes an out-of-bounds array access. | 7.5 |
2003-08-18 | CVE-2003-0580 | Local Security vulnerability in IBM U2 Universe 10.0.0.9 Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier allows the uvadm user to execute arbitrary code via a long -uv.install command line argument. | 7.2 |
2003-08-18 | CVE-2003-0578 | Link Following vulnerability in IBM U2 Universe 10.0.0.9 cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files. | 7.8 |
2003-08-18 | CVE-2003-0577 | Unspecified vulnerability in Mpg123 0.59R/Pre0.59S mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size. | 7.5 |
2003-08-18 | CVE-2003-0574 | Unspecified vulnerability in SGI Irix Unknown vulnerability in SGI IRIX 6.5.x through 6.5.20, and possibly earlier versions, allows local users to cause a core dump in scheme and possibly gain privileges via certain environment variables, a different vulnerability than CVE-2001-0797 and CVE-1999-0028. | 7.2 |