Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-12-31 | CVE-2003-1263 | Denial Of Service vulnerability in Brown Bear Software Ical 3.7 ICAL.EXE in iCal 3.7 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request, possibly due to an invalid method name. | 5.0 |
| 2003-12-31 | CVE-2003-1262 | Buffer Overflow vulnerability in Http Fetcher Http Fetcher Library 1.0.0/1.0.1 Buffer overflow in the http_fetch function of HTTP Fetcher 1.0.0 and 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request via a long (1) host, (2) referer, or (3) userAgent value. | 6.4 |
| 2003-12-31 | CVE-2003-1257 | Remote Security vulnerability in E-theni find_theni_home.php in E-theni allows remote attackers to obtain sensitive system information via a URL request which executes phpinfo. | 5.0 |
| 2003-12-31 | CVE-2003-1256 | Remote Include Command Execution vulnerability in E-theni aff_liste_langue.php in E-theni allows remote attackers to execute arbitrary PHP code by modifying the rep_include parameter to reference a URL on a remote web server that contains para_langue.php. network e-theni | 6.8 |
| 2003-12-31 | CVE-2003-1255 | Unspecified vulnerability in Active PHP Bookmarks Active PHP Bookmarks 1.1.01 add_bookmark.php in Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to add arbitrary bookmarks as other users using a modified auth_user_id parameter. | 6.4 |
| 2003-12-31 | CVE-2003-1254 | File Include vulnerability in Active PHP Bookmarks Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to execute arbitrary PHP code via (1) head.php, (2) apb_common.php, or (3) apb_view_class.php by modifying the APB_SETTINGS parameter to reference a URL on a remote web server that contains the code. | 5.0 |
| 2003-12-31 | CVE-2003-1250 | Denial Of Service vulnerability in Efficient Networks 5861 DSL Router 5.3.80Firmware Efficient Networks 5861 DSL router, when running firmware 5.3.80 configured to block incoming TCP SYN, packets allows remote attackers to cause a denial of service (crash) via a flood of TCP SYN packets to the WAN interface using a port scanner such as nmap. | 5.0 |
| 2003-12-31 | CVE-2003-1243 | Cross-Site Scripting vulnerability in Sage Content Management System Cross-site scripting vulnerability (XSS) in Sage 1.0 b3 allows remote attackers to insert arbitrary HTML or web script via the mod parameter. network sage | 4.3 |
| 2003-12-31 | CVE-2003-1242 | Path Disclosure vulnerability in Sage Content Management System Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-existent module, which returns the path in an error message. | 5.0 |
| 2003-12-31 | CVE-2003-1241 | HTML Injection vulnerability in Levcgi.Com Myguestbook 3.0 Cross-site scripting vulnerability (XSS) in (1) admin_index.php, (2) admin_pass.php, (3) admin_modif.php, and (4) admin_suppr.php in MyGuestbook 3.0 allows remote attackers to execute arbitrary PHP code by modifying the location parameter to reference a URL on a remote web server that contains file.php via script injected into the pseudo, email, and message parameters. network levcgi-com | 4.3 |