Cross-site scripting (XSS) vulnerability in the Statistics module for PHP-Nuke 6.0 and earlier allows remote attackers to insert arbitrary web script via the year parameter. Date published : 2003-05-22 http://marc.info/?l=bugtraq&m=105319538308834&w=2
Venturi Client before 2.2, as used in certain Fourelle and Venturi Wireless products, can be used as an open proxy for various protocols, including an open relay for SMTP, which allows it to be...
Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP request, which may trigger a buffer overflow. Date published : 2003-05-17...
Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) via a URL that ends in a "
Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote attackers to list arbitrary directory contents via a … (triple dot) in an HTTP request. Date published : 2003-05-17 http://marc.info/?l=bugtraq&m=105311719128173&w=2
Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. Date published : 2003-05-17 http://marc.info/?l=bugtraq&m=105311719128173&w=2
Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote attackers to insert arbitrary web script. Date published : 2003-05-17 http://marc.info/?l=bugtraq&m=105310013606680&w=2
Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point...
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl. Date published :...
Poster version.two allows remote authenticated users to gain administrative privileges by appending the "|" field separator and an "admin" value into the email address field. Date published : 2003-05-17 http://marc.info/?l=bugtraq&m=105295155004969&w=2
Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter. Date published : 2003-05-17 http://marc.info/?l=bugtraq&m=105284486526310&w=2 http://marc.info/?l=bugtraq&m=105301349925036&w=2
The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), allows remote attackers to cause a denial of service (crash) via malformed RTR packets to port 1967. Date...
one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script. Date published : 2003-05-17 http://marc.info/?l=bugtraq&m=105302025601231&w=2 http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0070.html
SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter. Date published : 2003-05-17 http://www.securityfocus.com/bid/7609 http://marc.info/?l=bugtraq&m=105302025601231&w=2