LiveActive security incident?Get immediate response
CVE archive

October 2003

Browse CVE records published in October 2003, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 269 matching CVEs · Page 2 of 6.

Unknown · CVSS Not scored

CVE-2003-1486: Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an incorrect...

Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an incorrect HTTP request to (1) smileys.php, (2) quick_listrss.php, (3) purge.php, (4) news.php, (5) memberlist.php, (6) forum_listrss.php, (7) forum_list_rdf.php, (8) forum_list.php, or (9) move.php, which leaks the information in an error message.

Published Oct 24, 2007 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-1513: Multiple cross-site scripting (XSS) vulnerabilities in example scripts in Caucho Technology Resin 2.0 throu...

Multiple cross-site scripting (XSS) vulnerabilities in example scripts in Caucho Technology Resin 2.0 through 2.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) env.jsp, (2) form.jsp, (3) session.jsp, (4) the move parameter to tictactoe.jsp, or the (5) name or (6) comment fields to guestbook.jsp.

Published Oct 25, 2007 · Updated Aug 8, 2024