CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 2CVE-2003-1414 – Apple QuickTime/Darwin Streaming Server 4.1.x - 'parse_xml.cgi' File Disclosure
https://notcve.org/view.php?id=CVE-2003-1414
31 Dec 2003 — Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter. • https://www.exploit-db.com/exploits/22312 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 87%CPEs: 2EXPL: 1CVE-2003-0050 – QuickTime Streaming Server - 'parse_xml.cgi' Remote Execution
https://notcve.org/view.php?id=CVE-2003-0050
07 Mar 2003 — parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters. parse_xml.cgi en Apple Darwin Streaming Administration Server 4.1.2 y QuickTime Streaming Server 4.1.1 permite a atacantes remotos la ejecución arbitraria de código mediante metacaracteres de shell. • https://www.exploit-db.com/exploits/16891 •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0051
https://notcve.org/view.php?id=CVE-2003-0051
07 Mar 2003 — parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation path via a NULL file parameter. parse_xml.cgi en Apple Darwin Streaming Administration Server 4.1.2 y QuickTime Streaming Server 4.1.1 permite a atacantes remotos obtener la ruta de instalación del servidor mediante un parámetro file igual a NULL. • http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0052
https://notcve.org/view.php?id=CVE-2003-0052
07 Mar 2003 — parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories. parse_xml.cgi en Apple Darwin Streaming Administration Server 4.1.2 y QuickTime Streaming Server 4.1.1 permite a atacantes remotos realizar un listado arbitrario de directorios. • http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0053
https://notcve.org/view.php?id=CVE-2003-0053
07 Mar 2003 — Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en parse_xml.cgi de Apple Darwin Streaming Administration Server 4.1.2 y QuickTime Streaming Server 4.1.1 permite a atacantes remotos la inserción de código arbitrario mediante ... • http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0054
https://notcve.org/view.php?id=CVE-2003-0054
07 Mar 2003 — Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser. Apple Darwin Streaming Administration Server 4.1.2 y QuickTime Streaming Server 4.1.1 permite a atacantes remotos la ejecución de cierto código mediante a una petición al puerto 7070 con la rutina como ... • http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt •