Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2003-12-31 CVE-2003-1376 Credentials Management vulnerability in WinZip 8.0
WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder.
local
low complexity
winzip CWE-255
4.6
2003-12-31 CVE-2003-1374 Buffer Errors vulnerability in HP HP-UX 11
Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2) -c options.
local
low complexity
hp CWE-119
4.6
2003-12-31 CVE-2003-1373 Path Traversal vulnerability in phpBB Group phpBB
Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via ..
6.8
2003-12-31 CVE-2003-1372 Cross-Site Scripting vulnerability in myPHPNuke 1.8.8
Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters.
4.3
2003-12-31 CVE-2003-1371 Cross-Site Scripting vulnerability in Nuked-Klan 1.3Beta
Nuked-Klan 1.3b, and possibly earlier versions, allows remote attackers to obtain sensitive server information via an op parameter set to phpinfo for the (1) Team, (2) News, or (3) Liens modules.
network
nuked-klan CWE-79
4.3
2003-12-31 CVE-2003-1370 Cross-Site Scripting vulnerability in Nuked-Klan 1.2Beta
Multiple cross-site scripting (XSS) vulnerabilities in Nuked-Klan 1.2b allow remote attackers to inject arbitrary HTML or web script via (1) the Author field in the Guestbook module, (2) the Titre or Pseudo fields in the Forum module, or (3) "La Tribune Libre" in the Shoutbox module.
network
nuked-klan CWE-79
4.3
2003-12-31 CVE-2003-1369 Buffer Errors vulnerability in Save IT Software PTY Bytecatcherftp 1.04B
Buffer overflow in ByteCatcher FTP client 1.04b allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.
6.8
2003-12-31 CVE-2003-1368 Buffer Errors vulnerability in Electrasoft FTP Client 9.49.01
Buffer overflow in the 32bit FTP client 9.49.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.
network
low complexity
electrasoft CWE-119
6.4
2003-12-31 CVE-2003-1365 Improper Input Validation vulnerability in Perl CGI Lite 2.0
The escape_dangerous_chars function in CGI::Lite 2.0 and earlier does not correctly remove special characters including (1) "\" (backslash), (2) "?", (3) "~" (tilde), (4) "^" (caret), (5) newline, or (6) carriage return, which could allow remote attackers to read or write arbitrary files, or execute arbitrary commands, in shell scripts that rely on CGI::Lite to filter such dangerous inputs.
network
low complexity
perl CWE-20
5.0
2003-12-31 CVE-2003-1363 Unspecified vulnerability in Aprelium Technologies Abyss Web Server
The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port (9999), which allows remote attackers to mount brute force attacks on the administration console without detection.
network
low complexity
aprelium-technologies
6.4