Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-10-30 | CVE-2003-1143 | Remote Denial of Service vulnerability in Serious Sam Engine Croteam Serious Sam demo test 2 2.1a, Serious Sam: the First Encounter 1.05, and Serious Sam: the Second Encounter 1.05 allow remote attackers to cause a denial of service (crash or freeze) via a TCP packet with an invalid first parameter. | 7.5 |
| 2003-10-29 | CVE-2003-1186 | Remote Buffer Overflow vulnerability in Telcondex Simplewebserver 2.12.30210Build3285 Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header. | 7.5 |
| 2003-10-27 | CVE-2003-1150 | Buffer Overrun vulnerability in Novell PMAP.NLM Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. | 7.5 |
| 2003-10-25 | CVE-2003-1148 | Remote File Include vulnerability in LES Visiteurs LES Visiteurs 2.0.1 Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allow remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter to (1) config.inc.php or (2) new-visitor.inc.php in common/visiteurs/include/. | 7.5 |
| 2003-10-20 | CVE-2003-0754 | Security Bypass vulnerability in newsPHP nphpd.php in newsPHP 216 and earlier allows remote attackers to bypass authentication via an HTTP request with a modified nphp_users array, which is used for authentication. | 7.5 |
| 2003-10-20 | CVE-2003-0752 | SQL-Injection vulnerability in Attilaphp SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possibly earlier versions, allows remote attackers to bypass authentication via a modified cook_id parameter. | 7.5 |
| 2003-10-20 | CVE-2003-0751 | SQL-Injection vulnerability in Py-Membres 4.0/4.1/4.2 SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and earlier allows remote attackers to execute arbitrary SQL queries via the email parameter. | 7.5 |
| 2003-10-20 | CVE-2003-0750 | Security Bypass vulnerability in Py-Membres 4.0/4.1/4.2 secure.php in PY-Membres 4.2 and earlier allows remote attackers to bypass authentication by setting the adminpy parameter. | 7.5 |
| 2003-10-20 | CVE-2003-0743 | Unspecified vulnerability in University of Cambridge Exim Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer. | 7.5 |
| 2003-10-20 | CVE-2003-0738 | USE of Externally-Controlled Format String vulnerability in PHPwebsite The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of service (crash) via a long year parameter. | 7.8 |