CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 1CVE-2003-1423
https://notcve.org/view.php?id=CVE-2003-1423
Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords. • http://securitytracker.com/id?1006117 https://exchange.xforce.ibmcloud.com/vulnerabilities/11358 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2003-1330
https://notcve.org/view.php?id=CVE-2003-1330
Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove. • http://www.mimesweeper.com/download/bin/Patches/MAILsweeper_Patches_301_ReadMe.htm http://www.securityfocus.com/bid/7226 https://exchange.xforce.ibmcloud.com/vulnerabilities/11745 •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2003-1467
https://notcve.org/view.php?id=CVE-2003-1467
Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. • http://securityreason.com/securityalert/3288 http://www.securityfocus.com/archive/1/321310 http://www.securityfocus.com/bid/7572 http://www.securityfocus.com/bid/7573 http://www.securityfocus.com/bid/7576 http://www.securityfocus.com/bid/7577 http://www.securityfocus.com/bid/7584 https://exchange.xforce.ibmcloud.com/vulnerabilities/12487 https://exchange.xforce.ibmcloud.com/vulnerabilities/12502 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 2%CPEs: 5EXPL: 1CVE-2003-1430 – Epic Games Unreal Engine 436 - URL Directory Traversal
https://notcve.org/view.php?id=CVE-2003-1430
Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL. • https://www.exploit-db.com/exploits/22224 http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html http://www.securityfocus.com/bid/6775 https://exchange.xforce.ibmcloud.com/vulnerabilities/11299 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2003-1392
https://notcve.org/view.php?id=CVE-2003-1392
CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data. • http://www.securityfocus.com/archive/1/311176 http://www.securityfocus.com/bid/6812 https://exchange.xforce.ibmcloud.com/vulnerabilities/11317 • CWE-310: Cryptographic Issues •