Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1725 | 1 Onlinetools.org | 1 Phpimageview | 2017-07-10 | 5.0 MEDIUM | N/A |
| phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain sensitive information via the pw=show option, which invokes the phpinfo function. | |||||
| CVE-2002-1726 | 1 Brokenbytes | 1 Photodb | 2017-07-10 | 7.5 HIGH | N/A |
| secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page. | |||||
| CVE-2002-1727 | 1 Asksam Systems | 1 Asksam Web Publisher | 2017-07-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in (1) as_web.exe and (2) as_web4.exe in askSam Web Publisher 1 and 4 allows remote attackers to execute arbitrary script as other users via a URL. | |||||
| CVE-2002-1728 | 1 Asksam Systems | 1 Asksam Web Publisher | 2017-07-10 | 5.0 MEDIUM | N/A |
| askSam Web Publisher 1.0 and 4.0 allows remote attackers to determine the full path to the web root directory via a request for a file that does not exist, which generates an error message that reveals the full path. | |||||
| CVE-2002-1729 | 1 Aspjar | 1 Aspjar Guestbook | 2017-07-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message. | |||||
| CVE-2002-1730 | 1 Aspjar | 1 Aspjar Guestbook | 2017-07-10 | 5.0 MEDIUM | N/A |
| ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true". | |||||
| CVE-2002-1731 | 1 Ibm | 1 Os 400 | 2017-07-10 | 2.1 LOW | N/A |
| The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF. | |||||
| CVE-2002-1732 | 1 Actinic | 1 Actinic Catalog | 2017-07-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Actinic Catalog 4.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string argument to certain .pl files, (2) the REFPAGE parameter to ca000007.pl, (3) PRODREF parameter to ss000007.pl, or (4) hop parameter to ca000001.pl. | |||||
| CVE-2002-1733 | 1 Prospero Technologies | 1 Prospero Message Board | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web-based message board in Prospero Technologies allows remote attackers to inject arbitrary web script or HTML via a message board post. | |||||
| CVE-2002-1734 | 1 Aspbin | 1 Newspro | 2017-07-10 | 10.0 HIGH | N/A |
| NewsPro 1.01 allows remote attackers to gain unauthorized administrator access by setting their authentication cookie to "logged,true". | |||||
| CVE-2002-1735 | 1 Davin Mccall | 1 Dlogin | 2017-07-10 | 7.2 HIGH | N/A |
| Buffer overflow in dlogin 1.0a could allow local users to gain privileges via unknown attack vectors. | |||||
| CVE-2002-1736 | 1 Markus Triska | 1 Cginews | 2017-07-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in CGINews before 1.06 allow remote attackers to read arbitrary files via "unfiltered user input." | |||||
| CVE-2002-1737 | 1 Astaro | 1 Security Linux | 2017-07-10 | 2.1 LOW | N/A |
| Astaro Security Linux 2.016 creates world-writable files and directories, which allows local users to overwrite arbitrary files. | |||||
| CVE-2002-1738 | 1 Alt-n | 1 Mdaemon | 2017-07-10 | 5.0 MEDIUM | N/A |
| Alt-N Technologies MDaemon 5.0.5.0 and earlier creates a default MDaemon mail account with a password of MServer, which could allow remote attackers to send anonymous email. | |||||
| CVE-2002-1739 | 1 Alt-n | 1 Mdaemon | 2017-07-10 | 2.1 LOW | N/A |
| Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption algorithm to store user passwords, which allows local users to crack passwords. | |||||
| CVE-2002-1740 | 1 Alt-n | 2 Mdaemon, Worldclient | 2017-07-10 | 2.1 LOW | N/A |
| Buffer overflow in WorldClient.cgi in WorldClient in Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to execute arbitrary code via a long folder name (NewFolder parameter). | |||||
| CVE-2002-1741 | 1 Alt-n | 1 Worldclient | 2017-07-10 | 7.2 HIGH | N/A |
| Directory traversal vulnerability in WorldClient.cgi in WorldClient for Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to delete arbitrary files via a ".." (dot dot) in the Attachments parameter. | |||||
| CVE-2002-1742 | 1 Paul Kulchenko | 1 Soap Lite | 2017-07-10 | 5.0 MEDIUM | N/A |
| SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary Perl functions by suppling a non-existent function in a script using a SOAP::Lite module, which causes the AUTOLOAD subroutine to trigger. | |||||
| CVE-2002-1743 | 1 Mirabilis | 1 Icq | 2017-07-10 | 5.0 MEDIUM | N/A |
| AOL ICQ 2002a Build 3722 allows remote attackers to cause a denial of service (crash) via a malformed .hpf file. | |||||
| CVE-2002-1746 | 1 Maxim Krasnyansky | 1 Vtun | 2017-07-10 | 5.0 MEDIUM | N/A |
| Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets. | |||||