Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1454 | 4 Invision Power Services, Linux, Microsoft and 1 more | 4 Invision Board, Linux Kernel, All Windows and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access. | |||||
| CVE-2003-1330 | 2 Clearswift Limited, Microsoft | 2 Mailsweeper, All Windows | 2025-04-03 | 5.0 MEDIUM | N/A |
| Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove. | |||||
| CVE-2003-1423 | 4 Linux, Microsoft, Petitforum and 1 more | 4 Linux Kernel, All Windows, Petitforum and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords. | |||||
| CVE-2003-1467 | 4 Linux, Microsoft, Phorum and 1 more | 4 Linux Kernel, All Windows, Phorum and 1 more | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | |||||
| CVE-2003-1472 | 2 3d-ftp, Microsoft | 2 3d-ftp, All Windows | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner. | |||||
| CVE-2003-1372 | 4 Linux, Microsoft, Myphpnuke and 1 more | 4 Linux Kernel, All Windows, Myphpnuke and 1 more | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters. | |||||
| CVE-2003-1392 | 2 Microsoft, Research Triangle Software | 2 All Windows, Cryptobuddy | 2025-04-03 | 6.6 MEDIUM | N/A |
| CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data. | |||||