|
273871
|
- |
|
apache
usanet_creations
|
http_server
makebid_auction_deluxe
|
Cross-site scripting vulnerability in auction.pl of MakeBid Auction Deluxe 3.30 allows remote attackers to obtain information from other users via the form fields (1) TITLE, (2) DESCTIT, (3) DESC, (4…
|
NVD-CWE-Other
|
CVE-2002-0257
|
2016-10-18 11:17 |
2002-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273872
|
- |
|
icewarp
merak
|
web_mail
mail_server
|
Merak Mail IceWarp Web Mail uses a static identifier as a user session ID that does not change across sessions, which could allow remote attackers with access to the ID to gain privileges as that use…
|
NVD-CWE-Other
|
CVE-2002-0258
|
2016-10-18 11:17 |
2002-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273873
|
- |
|
instantservers_inc.
|
miniportal
|
InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in (1) .pwd files in the miniportal/apache directory, or (2) mplog.txt, which could allow local users …
|
NVD-CWE-Other
|
CVE-2002-0259
|
2016-10-18 11:17 |
2002-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273874
|
- |
|
instantservers_inc.
|
miniportal
|
Buffer overflow in InstantServers MiniPortal 1.1.5 and earlier allows remote attackers to execute arbitrary code via a long login name, which is not properly handled by the logging utility.
|
NVD-CWE-Other
|
CVE-2002-0260
|
2016-10-18 11:17 |
2002-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273875
|
- |
|
instantservers_inc.
|
miniportal
|
Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 and earlier allows remote authenticated users to read arbitrary files via a ... (modified dot dot) in the GET command.
|
NVD-CWE-Other
|
CVE-2002-0261
|
2016-10-18 11:17 |
2002-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273876
|
- |
|
sybex
|
e-trainer
|
Directory traversal vulnerability in netget for Sybex E-Trainer web server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
NVD-CWE-Other
|
CVE-2002-0262
|
2016-10-18 11:17 |
2002-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273877
|
- |
|
ezne.net
|
ezboard_2000
|
Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote attackers to execute arbitrary code via a long boundary value in a multipart Content-Type header to (1) ezboard.cgi, (2) ezman.cgi, …
|
NVD-CWE-Other
|
CVE-2002-0263
|
2016-10-18 11:17 |
2002-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273878
|
- |
|
cooolsoft
|
powerftp
|
PowerFTP Personal FTP Server 2.03 through 2.10 stores sensitive account information in plaintext in the ftpserver.ini file, which allows attackers with access to the file to gain privileges.
|
NVD-CWE-Other
|
CVE-2002-0264
|
2016-10-18 11:17 |
2002-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273879
|
- |
|
sawmill
|
sawmill
|
Sawmill for Solaris 6.2.14 and earlier creates the AdminPassword file with world-writable permissions, which allows local users to gain privileges by modifying the file.
|
NVD-CWE-Other
|
CVE-2002-0265
|
2016-10-18 11:17 |
2002-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273880
|
- |
|
thunderstone_software
|
texis
|
Thunderstone Texis CGI script allows remote attackers to obtain the full path of the web root via a request for a nonexistent file, which generates an error message that includes the full pathname.
|
NVD-CWE-Other
|
CVE-2002-0266
|
2016-10-18 11:17 |
2002-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
