upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the target filename in the file cookie in form.php, then downloading the file from the image gallery.
Max CVSS
5.0
EPSS Score
0.22%
Published
2003-12-31
Updated
2016-10-18
Netbus 1.5 through 1.7 allows more than one client to be connected at the same time, but only prompts the first connection for authentication, which allows remote attackers to gain access.
Max CVSS
6.8
EPSS Score
0.73%
Published
2003-12-31
Updated
2017-07-29
The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, which could allow remote attackers to gain access from the LAN side.
Max CVSS
7.5
EPSS Score
1.83%
Published
2003-12-31
Updated
2017-07-29
login_ldap 3.1 and 3.2 allows remote attackers to initiate unauthenticated bind requests if (1) bind_anon_dn is on, which allows a bind with no password provided, (2) bind_anon_cred is on, which allows a bind with no DN, or (3) bind_anon is on, which allows a bind with no DN or password.
Max CVSS
6.8
EPSS Score
0.90%
Published
2003-12-31
Updated
2017-07-29
Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3".
Max CVSS
7.5
EPSS Score
3.71%
Published
2003-12-31
Updated
2017-07-29
SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php.
Max CVSS
7.5
EPSS Score
0.14%
Published
2003-12-31
Updated
2008-09-05
Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system."
Max CVSS
7.5
EPSS Score
0.23%
Published
2003-11-03
Updated
2008-09-10
Unknown vulnerability or vulnerabilities in Novell iChain 2.2 before Support Pack 1, with unknown impact, possibly related to unauthorized access to (1) NCPIP.NLM and (2) JSTCP.NLM.
Max CVSS
5.0
EPSS Score
0.14%
Published
2003-08-27
Updated
2016-10-18
Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password.
Max CVSS
9.3
EPSS Score
0.08%
Published
2003-05-12
Updated
2008-09-10
9 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!