Search criteria
9 vulnerabilities found for cyberdocs by hummingbird
CVE-2003-1100 (GCVE-0-2003-1100)
Vulnerability from cvelistv5 – Published: 2005-03-11 05:00 – Updated: 2024-08-08 02:12
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:36.027Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.procheckup.com/security_info/vuln_pr0305.html"
},
{
"name": "hummingbird-docsfusionserver-multiple-xss(13399)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13399"
},
{
"name": "VU#488684",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/488684"
},
{
"name": "8815",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8815"
},
{
"name": "9985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9985"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.procheckup.com/security_info/vuln_pr0305.html"
},
{
"name": "hummingbird-docsfusionserver-multiple-xss(13399)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13399"
},
{
"name": "VU#488684",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/488684"
},
{
"name": "8815",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8815"
},
{
"name": "9985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9985"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1100",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.procheckup.com/security_info/vuln_pr0305.html",
"refsource": "MISC",
"url": "http://www.procheckup.com/security_info/vuln_pr0305.html"
},
{
"name": "hummingbird-docsfusionserver-multiple-xss(13399)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13399"
},
{
"name": "VU#488684",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/488684"
},
{
"name": "8815",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8815"
},
{
"name": "9985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9985"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1100",
"datePublished": "2005-03-11T05:00:00",
"dateReserved": "2005-03-11T00:00:00",
"dateUpdated": "2024-08-08T02:12:36.027Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1101 (GCVE-0-2003-1101)
Vulnerability from cvelistv5 – Published: 2005-03-11 05:00 – Updated: 2024-08-08 02:12
VLAI?
Summary
Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM Web Server via invalid login credentials, which reveals the path in an error message.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#715548",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/715548"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.procheckup.com/security_info/vuln_pr0303.html"
},
{
"name": "9985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9985"
},
{
"name": "Hummingbird-docsfusionserver-disclose-path(13398)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13398"
},
{
"name": "8816",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8816"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM Web Server via invalid login credentials, which reveals the path in an error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#715548",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/715548"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.procheckup.com/security_info/vuln_pr0303.html"
},
{
"name": "9985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9985"
},
{
"name": "Hummingbird-docsfusionserver-disclose-path(13398)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13398"
},
{
"name": "8816",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8816"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1101",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM Web Server via invalid login credentials, which reveals the path in an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#715548",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/715548"
},
{
"name": "http://www.procheckup.com/security_info/vuln_pr0303.html",
"refsource": "MISC",
"url": "http://www.procheckup.com/security_info/vuln_pr0303.html"
},
{
"name": "9985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9985"
},
{
"name": "Hummingbird-docsfusionserver-disclose-path(13398)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13398"
},
{
"name": "8816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8816"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1101",
"datePublished": "2005-03-11T05:00:00",
"dateReserved": "2005-03-11T00:00:00",
"dateUpdated": "2024-08-08T02:12:35.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1103 (GCVE-0-2003-1103)
Vulnerability from cvelistv5 – Published: 2005-03-11 05:00 – Updated: 2024-08-08 02:12
VLAI?
Summary
SQL injection vulnerability in loginact.asp for Hummingbird CyberDOCS before 3.9 allows remote attackers to execute arbitrary SQL commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:36.022Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.procheckup.com/security_info/vuln_pr0304.html"
},
{
"name": "VU#368300",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/368300"
},
{
"name": "9985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9985"
},
{
"name": "8800",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8800"
},
{
"name": "hummingbird-docsfusionserver-sql-injection(13401)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13401"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in loginact.asp for Hummingbird CyberDOCS before 3.9 allows remote attackers to execute arbitrary SQL commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.procheckup.com/security_info/vuln_pr0304.html"
},
{
"name": "VU#368300",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/368300"
},
{
"name": "9985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9985"
},
{
"name": "8800",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8800"
},
{
"name": "hummingbird-docsfusionserver-sql-injection(13401)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13401"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in loginact.asp for Hummingbird CyberDOCS before 3.9 allows remote attackers to execute arbitrary SQL commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.procheckup.com/security_info/vuln_pr0304.html",
"refsource": "MISC",
"url": "http://www.procheckup.com/security_info/vuln_pr0304.html"
},
{
"name": "VU#368300",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/368300"
},
{
"name": "9985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9985"
},
{
"name": "8800",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8800"
},
{
"name": "hummingbird-docsfusionserver-sql-injection(13401)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13401"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1103",
"datePublished": "2005-03-11T05:00:00",
"dateReserved": "2005-03-11T00:00:00",
"dateUpdated": "2024-08-08T02:12:36.022Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1100 (GCVE-0-2003-1100)
Vulnerability from nvd – Published: 2005-03-11 05:00 – Updated: 2024-08-08 02:12
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:36.027Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.procheckup.com/security_info/vuln_pr0305.html"
},
{
"name": "hummingbird-docsfusionserver-multiple-xss(13399)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13399"
},
{
"name": "VU#488684",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/488684"
},
{
"name": "8815",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8815"
},
{
"name": "9985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9985"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.procheckup.com/security_info/vuln_pr0305.html"
},
{
"name": "hummingbird-docsfusionserver-multiple-xss(13399)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13399"
},
{
"name": "VU#488684",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/488684"
},
{
"name": "8815",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8815"
},
{
"name": "9985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9985"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1100",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.procheckup.com/security_info/vuln_pr0305.html",
"refsource": "MISC",
"url": "http://www.procheckup.com/security_info/vuln_pr0305.html"
},
{
"name": "hummingbird-docsfusionserver-multiple-xss(13399)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13399"
},
{
"name": "VU#488684",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/488684"
},
{
"name": "8815",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8815"
},
{
"name": "9985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9985"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1100",
"datePublished": "2005-03-11T05:00:00",
"dateReserved": "2005-03-11T00:00:00",
"dateUpdated": "2024-08-08T02:12:36.027Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1101 (GCVE-0-2003-1101)
Vulnerability from nvd – Published: 2005-03-11 05:00 – Updated: 2024-08-08 02:12
VLAI?
Summary
Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM Web Server via invalid login credentials, which reveals the path in an error message.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#715548",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/715548"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.procheckup.com/security_info/vuln_pr0303.html"
},
{
"name": "9985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9985"
},
{
"name": "Hummingbird-docsfusionserver-disclose-path(13398)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13398"
},
{
"name": "8816",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8816"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM Web Server via invalid login credentials, which reveals the path in an error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#715548",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/715548"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.procheckup.com/security_info/vuln_pr0303.html"
},
{
"name": "9985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9985"
},
{
"name": "Hummingbird-docsfusionserver-disclose-path(13398)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13398"
},
{
"name": "8816",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8816"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1101",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM Web Server via invalid login credentials, which reveals the path in an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#715548",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/715548"
},
{
"name": "http://www.procheckup.com/security_info/vuln_pr0303.html",
"refsource": "MISC",
"url": "http://www.procheckup.com/security_info/vuln_pr0303.html"
},
{
"name": "9985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9985"
},
{
"name": "Hummingbird-docsfusionserver-disclose-path(13398)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13398"
},
{
"name": "8816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8816"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1101",
"datePublished": "2005-03-11T05:00:00",
"dateReserved": "2005-03-11T00:00:00",
"dateUpdated": "2024-08-08T02:12:35.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1103 (GCVE-0-2003-1103)
Vulnerability from nvd – Published: 2005-03-11 05:00 – Updated: 2024-08-08 02:12
VLAI?
Summary
SQL injection vulnerability in loginact.asp for Hummingbird CyberDOCS before 3.9 allows remote attackers to execute arbitrary SQL commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:36.022Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.procheckup.com/security_info/vuln_pr0304.html"
},
{
"name": "VU#368300",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/368300"
},
{
"name": "9985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9985"
},
{
"name": "8800",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8800"
},
{
"name": "hummingbird-docsfusionserver-sql-injection(13401)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13401"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in loginact.asp for Hummingbird CyberDOCS before 3.9 allows remote attackers to execute arbitrary SQL commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.procheckup.com/security_info/vuln_pr0304.html"
},
{
"name": "VU#368300",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/368300"
},
{
"name": "9985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9985"
},
{
"name": "8800",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8800"
},
{
"name": "hummingbird-docsfusionserver-sql-injection(13401)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13401"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in loginact.asp for Hummingbird CyberDOCS before 3.9 allows remote attackers to execute arbitrary SQL commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.procheckup.com/security_info/vuln_pr0304.html",
"refsource": "MISC",
"url": "http://www.procheckup.com/security_info/vuln_pr0304.html"
},
{
"name": "VU#368300",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/368300"
},
{
"name": "9985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9985"
},
{
"name": "8800",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8800"
},
{
"name": "hummingbird-docsfusionserver-sql-injection(13401)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13401"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1103",
"datePublished": "2005-03-11T05:00:00",
"dateReserved": "2005-03-11T00:00:00",
"dateUpdated": "2024-08-08T02:12:36.022Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2003-1103
Vulnerability from fkie_nvd - Published: 2003-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
SQL injection vulnerability in loginact.asp for Hummingbird CyberDOCS before 3.9 allows remote attackers to execute arbitrary SQL commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hummingbird | cyberdocs | 3.1 | |
| hummingbird | cyberdocs | 3.5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hummingbird:cyberdocs:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78A958C3-0409-4609-861F-56D87BB28494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hummingbird:cyberdocs:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4918A7B2-3D0B-4E87-ADF0-728B396D0B83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in loginact.asp for Hummingbird CyberDOCS before 3.9 allows remote attackers to execute arbitrary SQL commands."
}
],
"id": "CVE-2003-1103",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/9985"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/368300"
},
{
"source": "cve@mitre.org",
"url": "http://www.procheckup.com/security_info/vuln_pr0304.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/8800"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/9985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/368300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.procheckup.com/security_info/vuln_pr0304.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/8800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13401"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2003-1101
Vulnerability from fkie_nvd - Published: 2003-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM Web Server via invalid login credentials, which reveals the path in an error message.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hummingbird | cyberdocs | 3.5.1 | |
| hummingbird | cyberdocs | 3.9 | |
| hummingbird | cyberdocs | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hummingbird:cyberdocs:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4918A7B2-3D0B-4E87-ADF0-728B396D0B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hummingbird:cyberdocs:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B1EC3268-A4B1-4B09-A1F9-E4A383C62AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hummingbird:cyberdocs:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "98EC0534-8FE8-49BB-9C8A-DED458C509B4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM Web Server via invalid login credentials, which reveals the path in an error message."
}
],
"id": "CVE-2003-1101",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/9985"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/715548"
},
{
"source": "cve@mitre.org",
"url": "http://www.procheckup.com/security_info/vuln_pr0303.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/8816"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/9985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/715548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.procheckup.com/security_info/vuln_pr0303.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/8816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13398"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2003-1100
Vulnerability from fkie_nvd - Published: 2003-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hummingbird | cyberdocs | 3.5.1 | |
| hummingbird | cyberdocs | 3.9 | |
| hummingbird | cyberdocs | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hummingbird:cyberdocs:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4918A7B2-3D0B-4E87-ADF0-728B396D0B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hummingbird:cyberdocs:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B1EC3268-A4B1-4B09-A1F9-E4A383C62AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hummingbird:cyberdocs:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "98EC0534-8FE8-49BB-9C8A-DED458C509B4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors."
}
],
"id": "CVE-2003-1100",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/9985"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/488684"
},
{
"source": "cve@mitre.org",
"url": "http://www.procheckup.com/security_info/vuln_pr0305.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/8815"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13399"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/9985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/488684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.procheckup.com/security_info/vuln_pr0305.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/8815"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13399"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}