Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1465 | 1 Cafelog | 1 B2 | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary SQL code via the tablehosts variable. | |||||
| CVE-2002-1132 | 1 Squirrelmail | 1 Squirrelmail | 2008-09-05 | 5.0 MEDIUM | N/A |
| SquirrelMail 1.2.7 and earlier allows remote attackers to determine the absolute pathname of the options.php script via a malformed optpage file argument, which generates an error message when the file cannot be included in the script. | |||||
| CVE-2002-0895 | 1 Matu | 1 Matu Ftp | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in MatuFtpServer 1.1.3.0 (1.1.3) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PASS (password) command. | |||||
| CVE-2002-1028 | 1 Oddsock | 1 Song Requester | 2008-09-05 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in the CGI programs for Oddsock Song Requester WinAmp plugin 2.1 allow remote attackers to cause a denial of service (crash) via long arguments. | |||||
| CVE-2002-1016 | 1 Adobe | 1 Digital Editions | 2008-09-05 | 4.6 MEDIUM | N/A |
| Adobe eBook Reader allows a user to bypass restrictions for copy, print, lend, and give operations by backing up key data files, performing the operations, and restoring the original data files. | |||||
| CVE-2002-0992 | 1 Hp | 1 Hp-ux | 2008-09-05 | 2.1 LOW | N/A |
| Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data. | |||||
| CVE-2002-0967 | 1 Edonkey2000 | 1 Edonkey 2000 Client | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in eDonkey 2000 35.16.60 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long "ed2k:" URL. | |||||
| CVE-2002-1080 | 1 Aprelium Technologies | 1 Abyss Web Server | 2008-09-05 | 7.5 HIGH | N/A |
| The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl. | |||||
| CVE-2002-0934 | 1 Jon Hedley | 1 Alienform2 | 2008-09-05 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) allows remote attackers to read or modify arbitrary files via an illegal character in the middle of a .. (dot dot) sequence in the parameters (1) _browser_out or (2) _out_file. | |||||
| CVE-2002-1048 | 1 Hp | 1 Jetdirect | 2008-09-05 | 7.5 HIGH | N/A |
| HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0. | |||||
| CVE-2002-1053 | 1 W3c | 1 Jigsaw | 2008-09-05 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in W3C Jigsaw Proxy Server before 2.2.1 allows remote attackers to execute arbitrary script via a URL that contains a reference to a nonexistent host followed by the script, which is included in the resulting error message. | |||||
| CVE-2002-0870 | 1 Cisco | 2 Content Services Switch 11000, Webns | 2008-09-05 | 7.5 HIGH | N/A |
| The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549. | |||||
| CVE-2002-1010 | 1 Lotus | 1 Domino R4 | 2008-09-05 | 7.5 HIGH | N/A |
| Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypasses the web handlers. | |||||
| CVE-2002-1077 | 1 Ipswitch | 1 Imail | 2008-09-05 | 5.0 MEDIUM | N/A |
| IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field. | |||||
| CVE-2002-1031 | 1 Key Focus | 1 Kf Web Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character. | |||||
| CVE-2002-1131 | 1 Squirrelmail | 1 Squirrelmail | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php. | |||||
| CVE-2002-1045 | 1 Ultrafunk | 1 Popcorn | 2008-09-05 | 5.0 MEDIUM | N/A |
| Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) via a malformed Date field that is converted into a year greater than 2037. | |||||
| CVE-2002-0933 | 1 Datalex | 1 Bookit Consumer | 2008-09-05 | 7.5 HIGH | N/A |
| Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords in plaintext in a cookie, which could allow remote attackers to gain privileges via Cross-site scripting or sniffing attacks. | |||||
| CVE-2002-0950 | 1 Transware | 1 Active Mail | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in TransWARE Active! mail 1.422 and 2.0 allows remote attackers to execute arbitrary code via a certain e-mail header, which is not properly filtered. | |||||
| CVE-2002-1084 | 1 Visualshapers | 1 Ezcontents | 2008-09-05 | 6.4 MEDIUM | N/A |
| The VerifyLogin function in ezContents 1.41 and earlier does not properly halt program execution if a user fails to log in properly, which allows remote attackers to modify and view restricted information via HTTP POST requests. | |||||