271451
|
- |
|
blueface
|
falcon_web_server
|
Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 erro…
|
CWE-79
Cross-site Scripting
|
CVE-2002-2318
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271452
|
- |
|
mysimplenews
|
mysimplenews
|
Static code injection vulnerability in users.php in MySimpleNews allows remote attackers to inject arbitrary PHP code and HTML via the (1) LOGIN, (2) DATA, and (3) MESS parameters, which are inserted…
|
CWE-94
Code Injection
|
CVE-2002-2319
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271453
|
- |
|
mysimplenews
|
mysimplenews
|
MySimpleNews 1.0 allows remote attackers to delete arbitrary email messages via a direct request to vider.php3.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2002-2320
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271454
|
- |
|
phplinkat
|
phplinkat
|
Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) addyoursite.php in phpLinkat 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the catid parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2002-2321
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271455
|
- |
|
ultimate_php_board
|
ultimate_php_board
|
Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords.
|
CWE-20
Improper Input Validation
|
CVE-2002-2322
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271456
|
- |
|
microsoft
|
windows_xp
|
The "System Restore" directory and subdirectories, and possibly other subdirectories in the "System Volume Information" directory on Windows XP Professional, have insecure access control list (ACL) p…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2002-2324
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271457
|
- |
|
university_of_washington
|
pine
|
The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIM…
|
CWE-20
Improper Input Validation
|
CVE-2002-2325
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271458
|
- |
|
apple
|
mac_os_x
|
The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote …
|
CWE-310
Cryptographic Issues
|
CVE-2002-2326
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271459
|
- |
|
mirabilis
|
icq
|
ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a denial of service (CPU consumption or crash) via a message with a large number of emoticons.
|
CWE-20
Improper Input Validation
|
CVE-2002-2329
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271460
|
- |
|
cascadesoft
|
w3mail
|
W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in the attachments directory does not properly restrict the types of files that can be uploaded as attachments, which allows remote…
|
CWE-16
Configuration
|
CVE-2002-2331
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|