Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1808 | 1 Zack Coburn | 1 Meunity Community System | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Meunity Community System 1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag when creating a topic. | |||||
| CVE-2002-1966 | 1 My Postcards | 1 My Postcards Platinum | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | |||||
| CVE-2002-1968 | 1 Com21 | 1 Doxport 1100 | 2008-09-05 | 2.1 LOW | N/A |
| Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions before 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal network, which allows local users to modify configuration of the modem via a malicious TFTP server. | |||||
| CVE-2002-1842 | 1 Perlbot | 1 Perlbot | 2008-09-05 | 7.5 HIGH | N/A |
| Perlbot 1.0 beta allows remote attackers to execute arbitrary commands via shell metacharacters in (1) a word that is being spell checked or (2) an e-mail address. | |||||
| CVE-2002-1802 | 1 Xoops | 1 Xoops | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Xoops 1.0 RC3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag when submitting news. | |||||
| CVE-2002-1903 | 1 University Of Washington | 1 Pine | 2008-09-05 | 5.0 MEDIUM | N/A |
| Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information. | |||||
| CVE-2002-1843 | 1 Perlbot | 1 Perlbot | 2008-09-05 | 7.5 HIGH | N/A |
| Perlbot 1.9.2 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $text variable in SpelCheck.pm or (2) the $filename variable in HTMLPlog.pm. | |||||
| CVE-2002-1840 | 1 Irssi | 1 Irssi | 2008-09-05 | 10.0 HIGH | N/A |
| irssi IRC client 0.8.4, when downloaded after 14-March-2002, could contain a backdoor in the configuration file, which allows remote attackers to access the system. | |||||
| CVE-2002-1893 | 1 Argosoft | 1 Argosoft Mail Server | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ArGoSoft Mail Server Pro 1.8.1.9 allows remote attackers to inject arbitrary web script or HTML via the e-mail message. | |||||
| CVE-2002-1894 | 1 Phpbb Group | 1 Phpbb | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter. | |||||
| CVE-2002-1970 | 1 Snortcenter | 1 Snortcenter | 2008-09-05 | 2.1 LOW | N/A |
| SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers. | |||||
| CVE-2002-1854 | 1 Rlaj | 1 Rlaj Whois | 2008-09-05 | 10.0 HIGH | N/A |
| Rlaj whois CGI script (whois.cgi) 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain name field. | |||||
| CVE-2002-1954 | 1 Php | 1 Php | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.2.3 allows remote attackers to inject arbitrary web script or HTML via the query string argument, as demonstrated using soinfo.php. | |||||
| CVE-2002-1940 | 1 Jacob Navia | 1 Lcc-win32 | 2008-09-05 | 5.0 MEDIUM | N/A |
| LCC-Win32 3.2 compiler, when running on Windows 95, 98, or ME, writes portions of previously used memory after the import table, which could allow attackers to gain sensitive information. NOTE: it has been reported that this problem is due to the OS and not the application. | |||||
| CVE-2002-1826 | 1 Grsecurity | 1 Grsecurity Kernel Patch | 2008-09-05 | 4.6 MEDIUM | N/A |
| grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass read-only permissions by using mmap to directly map /dev/mem or /dev/kmem to kernel memory. | |||||
| CVE-2002-1845 | 1 Yabb | 1 Yabb | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Yet Another Bulletin Board (YaBB) 1.40 and 1.41 allows remote attackers to inject arbitrary web script or HTML via the password (passwrd) parameter. | |||||
| CVE-2002-1861 | 1 Sybase | 1 Easerver | 2008-09-05 | 5.0 MEDIUM | N/A |
| Sybase Enterprise Application Server 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | |||||
| CVE-2002-1689 | 1 Ibm | 1 Aix | 2008-09-05 | 10.0 HIGH | N/A |
| Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow. | |||||
| CVE-2002-1823 | 1 Lonerunner | 1 Zeroo Http Server | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in the HttpGetRequest function in Zeroo HTTP server 1.5 allows remote attackers to execute arbitrary code via a long HTTP request. | |||||
| CVE-2002-1784 | 1 Hp | 1 Tru64 | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in inetd in HP Tru64 Unix 4.0f through 5.1a allows remote attackers to cause a denial of service via unknown attack vectors. | |||||