Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1702 | 1 Deltascripts | 1 Php Classifieds | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter. | |||||
| CVE-2002-1703 | 1 Mewsoft | 1 Netauction | 2017-07-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in auction.cgi for Mewsoft NetAuction 3.0 allows remote attackers to execute arbitrary script as other users via the Term parameter. | |||||
| CVE-2002-1704 | 1 Zeroboard | 1 Zeroboard | 2017-07-10 | 5.0 MEDIUM | N/A |
| Zeroboard 4.1, when the "allow_url_fopen" and "register_globals" variables are enabled, allows remote attackers to execute arbitrary PHP code by modifying the _zb_path parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2002-1706 | 1 Cisco | 1 Ios | 2017-07-10 | 5.0 MEDIUM | N/A |
| Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router. | |||||
| CVE-2002-1707 | 1 Phpbb Group | 1 Phpbb | 2017-07-10 | 5.0 MEDIUM | N/A |
| install.php in phpBB 2.0 through 2.0.1, when "allow_url_fopen" and "register_globals" variables are set to "on", allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_dir parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2002-1708 | 1 Basilix | 1 Basilix Webmail | 2017-07-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in BasiliX Webmail 1.10 allows remote attackers to execute arbitrary script as other users by injecting script into the (1) subject or (2) message fields. | |||||
| CVE-2003-1286 | 1 Sambar | 1 Sambar Server | 2017-07-10 | 7.5 HIGH | N/A |
| HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests. | |||||
| CVE-2003-1287 | 1 Sambar | 1 Sambar Server | 2017-07-10 | 4.6 MEDIUM | N/A |
| Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via a request with an MS-DOS device name such as com1.pl, con.pl, or aux.pl, which causes Perl to read the code from the associated device. | |||||
| CVE-2004-0005 | 1 Rob Flynn | 1 Gaim | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo_decode that causes a pointer to reference memory beyond the terminating null byte, (3) a quoted printable string to the gaim_quotedp_decode MIME decoder that causes a null byte to be written beyond the buffer, and (4) quoted printable encoding in gaim_quotedp_decode that causes a pointer to reference memory beyond the terminating null byte. | |||||
| CVE-2002-1709 | 1 Basilix | 1 Basilix Webmail | 2017-07-10 | 6.4 MEDIUM | N/A |
| SQL injection vulnerability in BasiliX Webmail 1.10 allows remote attackers to obtain sensitive information or possibly modify data via the id variable. | |||||
| CVE-2002-1710 | 1 Basilix | 1 Basilix Webmail | 2017-07-10 | 3.6 LOW | N/A |
| The attachment capability in Compose Mail in BasiliX Webmail 1.1.0 does not check whether the attachment was uploaded by the user or came from a HTTP POST, which could allow local users to steal sensitive information like a password file. | |||||
| CVE-2002-1711 | 1 Basilix | 1 Basilix Webmail | 2017-07-10 | 2.1 LOW | N/A |
| BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX directory, which allows local users to read other users' attachments. | |||||
| CVE-2002-1713 | 1 Mandrakesoft | 1 Mandrake Linux | 2017-07-10 | 2.1 LOW | N/A |
| The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files. | |||||
| CVE-2002-1715 | 1 Ssh | 2 Ssh, Ssh2 | 2017-07-10 | 7.2 HIGH | N/A |
| SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access. | |||||
| CVE-2002-1719 | 1 Bavo | 1 Bavo | 2017-07-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Bavo 0.3 allows remote attackers to modify posted messages. | |||||
| CVE-2002-1720 | 1 Outfront | 1 Spooky Login | 2017-07-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows remote attackers to bypass authentication and gain privileges via the password field. | |||||
| CVE-2002-1721 | 1 Paul L Daniels | 1 Altermime | 2017-07-10 | 5.0 MEDIUM | N/A |
| Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attackers to cause a denial of service (crash) via an x-header that causes snprintf overwrite the FFGET_FILE variable with a (null) byte. | |||||
| CVE-2002-1722 | 1 Logitech | 3 Cordless Freedom Itouch Keyboard, Cordless Itouch Keyboard, Itouch Keyboard | 2017-07-10 | 4.6 MEDIUM | N/A |
| Logitech iTouch keyboards allows attackers with physical access to the system to bypass the screen locking function and execute user-defined commands that have been assigned to a button. | |||||
| CVE-2002-1723 | 1 Powerboards | 1 Powerboards | 2017-07-10 | 5.0 MEDIUM | N/A |
| Powerboards 2.2b allows remote attackers to view the full path to the backend database by sending a cookie containing a non-existent username to profiles.php, which displays the full path in the error message. | |||||
| CVE-2002-1724 | 1 Onlinetools.org | 1 Phpimageview | 2017-07-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in phpimageview.php for PHPImageView 1.0 allows remote attackers to execute arbitrary script as other users via the pic parameter. | |||||