CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2003-1102
https://notcve.org/view.php?id=CVE-2003-1102
Hummingbird CyberDOCS 3.5, 3.9, and 4.0, when running on IIS, uses insecure permissions for script source code files, which allows remote attackers to read the source code. • http://secunia.com/advisories/9985 http://www.kb.cert.org/vuls/id/989580 http://www.procheckup.com/security_info/vuln_pr0302.html https://exchange.xforce.ibmcloud.com/vulnerabilities/13397 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2003-1103
https://notcve.org/view.php?id=CVE-2003-1103
SQL injection vulnerability in loginact.asp for Hummingbird CyberDOCS before 3.9 allows remote attackers to execute arbitrary SQL commands. • http://secunia.com/advisories/9985 http://www.kb.cert.org/vuls/id/368300 http://www.procheckup.com/security_info/vuln_pr0304.html http://www.securityfocus.com/bid/8800 https://exchange.xforce.ibmcloud.com/vulnerabilities/13401 •
CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 0CVE-2003-1101
https://notcve.org/view.php?id=CVE-2003-1101
Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM Web Server via invalid login credentials, which reveals the path in an error message. • http://secunia.com/advisories/9985 http://www.kb.cert.org/vuls/id/715548 http://www.procheckup.com/security_info/vuln_pr0303.html http://www.securityfocus.com/bid/8816 https://exchange.xforce.ibmcloud.com/vulnerabilities/13398 •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2003-1100
https://notcve.org/view.php?id=CVE-2003-1100
Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors. • http://secunia.com/advisories/9985 http://www.kb.cert.org/vuls/id/488684 http://www.procheckup.com/security_info/vuln_pr0305.html http://www.securityfocus.com/bid/8815 https://exchange.xforce.ibmcloud.com/vulnerabilities/13399 •