CVE-2003-1242 – Sage 1.0 Beta 3 - Content Management System Full Path Disclosure
https://notcve.org/view.php?id=CVE-2003-1242
Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-existent module, which returns the path in an error message. • https://www.exploit-db.com/exploits/22269 http://archives.neohapsis.com/archives/bugtraq/2003-02/0236.html http://www.iss.net/security_center/static/11372.php http://www.securityfocus.com/bid/6893 •
CVE-2003-1243 – Sage 1.0 Beta 3 - Content Management System Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2003-1243
Cross-site scripting vulnerability (XSS) in Sage 1.0 b3 allows remote attackers to insert arbitrary HTML or web script via the mod parameter. • https://www.exploit-db.com/exploits/22270 http://archives.neohapsis.com/archives/bugtraq/2003-02/0236.html http://www.securityfocus.com/bid/6894 https://exchange.xforce.ibmcloud.com/vulnerabilities/11371 •