CVE-2003-0481

MEDIUM

4.3

CVSS Severity Score

EPSS Score0.1980%

EPSS Percentile35.29th

Published2003年8月7日

Last Modified2026年4月16日

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow remote attackers to insert arbitrary web script, as demonstrated using the msg parameter to file_select.php.

Affected Platforms (CPE)

📦

Gero Kohnert

Tutos

= 1.1

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=105638743109781&w=2

相关漏洞威胁

CVE-2008-014810.0

TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute arbitrary shell commands via the...

CVE-2003-04827.5

TUTOS 1.1 allows remote attackers to execute arbitrary code by uploading the code using file_new.php, then directly accessing the ...

CVE-2004-21617.5

SQL injection vulnerability in file_overview.php in TUTOS 1.1 allows remote attackers to execute arbitrary SQL commands via the li...

CVE-2008-01495.0

TUTOS 1.3 allows remote attackers to read system information via a direct request to php/admin/phpinfo.php, which calls the phpinf...