upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the target filename in the file cookie in form.php, then downloading the file from the image gallery.
Max CVSS
5.0
EPSS Score
0.22%
Published
2003-12-31
Updated
2016-10-18
Netbus 1.5 through 1.7 allows more than one client to be connected at the same time, but only prompts the first connection for authentication, which allows remote attackers to gain access.
Max CVSS
6.8
EPSS Score
0.73%
Published
2003-12-31
Updated
2017-07-29
The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, which could allow remote attackers to gain access from the LAN side.
Max CVSS
7.5
EPSS Score
1.83%
Published
2003-12-31
Updated
2017-07-29
login_ldap 3.1 and 3.2 allows remote attackers to initiate unauthenticated bind requests if (1) bind_anon_dn is on, which allows a bind with no password provided, (2) bind_anon_cred is on, which allows a bind with no DN, or (3) bind_anon is on, which allows a bind with no DN or password.
Max CVSS
6.8
EPSS Score
0.90%
Published
2003-12-31
Updated
2017-07-29
Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times.
Max CVSS
4.3
EPSS Score
1.36%
Published
2003-12-31
Updated
2017-07-29
Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3".
Max CVSS
7.5
EPSS Score
3.71%
Published
2003-12-31
Updated
2017-07-29
Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password.
Max CVSS
9.3
EPSS Score
0.08%
Published
2003-05-12
Updated
2008-09-10
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!