Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2003-12-31 CVE-2003-1416 Improper Input Validation vulnerability in Bisonftp Server 4 R2
BisonFTP Server 4 release 2 allows remote attackers to cause a denial of service (CPU consumption) via a long (1) ls or (2) cwd command.
network
bisonftp CWE-20
4.3
2003-12-31 CVE-2003-1415 Buffer Errors vulnerability in Visual Mining Netcharts Xbrl Server 4.0.0
NetCharts XBRL Server 4.0.0 allows remote attackers to obtain sensitive information via an HTTP request with an invalid chunked transfer encoding specification.
6.8
2003-12-31 CVE-2003-1414 Path Traversal vulnerability in Apple products
Directory traversal vulnerability in parse_xml.cgi in Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ...
network
apple CWE-22
4.3
2003-12-31 CVE-2003-1413 Path Traversal vulnerability in Apple products
parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages.
network
apple CWE-22
4.3
2003-12-31 CVE-2003-1412 Code Injection vulnerability in Gonicus System Administration 1.0
PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0 allows remote attackers to execute arbitrary PHP code via the plugin parameter to (1) 3fax/1blocklists/index.php; (2) 6departamentadmin/index.php, (3) 5terminals/index.php, (4) 4mailinglists/index.php, (5) 3departaments/index.php, and (6) 2groupd/index.php in 2administration/; or (7) the base parameter to include/help.php.
network
gonicus CWE-94
6.8
2003-12-31 CVE-2003-1411 Code Injection vulnerability in Isoca Cedric Email Reader 0.4
PHP remote file inclusion vulnerability in emailreader_execute_on_each_page.inc.php in Cedric Email Reader 0.4 allows remote attackers to execute arbitrary PHP code via the emailreader_ini parameter.
network
isoca CWE-94
6.8
2003-12-31 CVE-2003-1410 Code Injection vulnerability in Isoca Cedric Email Reader 0.2/0.3
PHP remote file inclusion vulnerability in email.php (aka email.php3) in Cedric Email Reader 0.2 and 0.3 allows remote attackers to execute arbitrary PHP code via the cer_skin parameter.
network
isoca CWE-94
6.8
2003-12-31 CVE-2003-1409 Information Exposure vulnerability in EJ3 Topo 1.43
TOPo 1.43 allows remote attackers to obtain sensitive information by sending an HTTP request with an invalid parameter to (1) in.php or (2) out.php, which reveals the path to the TOPo directory in the error message.
network
low complexity
ej3 CWE-200
5.0
2003-12-31 CVE-2003-1408 Information Exposure vulnerability in Lotus Domino Server 5.0/6.0
Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot.
network
low complexity
lotus CWE-200
5.0
2003-12-31 CVE-2003-1401 Credentials Management vulnerability in PHP Board PHP Board 1.0
login.php in php-Board 1.0 stores plaintext passwords in $username.txt with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information via a direct request.
network
php-board CWE-255
5.8