Weekly Vulnerabilities Reports > November 24 to 30, 2003

Overview

2 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 1 high severity vulnerabilities. This weekly summary report vulnerabilities in 2 products from 2 vendors including Tildeslash, and Phpbb Group. Vulnerabilities are notably categorized as .

2 reported vulnerabilities are remotely exploitables.
2 reported vulnerabilities are exploitable by an anonymous user.
Tildeslash has the most reported vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES

CRITICAL RISK
VULNERABILITIES

HIGH RISK
VULNERABILITIES

MEDIUM RISK
VULNERABILITIES

LOW RISK
VULNERABILITIES

REMOTELY
EXPLOITABLE

LOCALLY
EXPLOITABLE

EXPLOIT
AVAILABLE

EXPLOITABLE
ANONYMOUSLY

AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

0 Critical Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS

Expand/Hide

1 High Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2003-11-27	CVE-2003-1216	Phpbb Group	SQL Injection vulnerability in phpBB search.php SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the search_id parameter.	7.5

Expand/Hide

1 Medium Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2003-11-24	CVE-2003-1084	Tildeslash	Denial of Service vulnerability in Monit HTTP Content-Length Parameter Monit 1.4 to 4.1 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request with a negative Content-Length field.	5.0

Expand/Hide

0 Low Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS