271811
|
- |
|
nocc
|
nocc
|
Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages.
|
CWE-79
Cross-site Scripting
|
CVE-2002-2343
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271812
|
- |
|
ensim
|
webppliance
|
Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defining an alias that is the target's email address.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2002-2344
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271813
|
- |
|
oracle
|
application_server
|
Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote attackers to gain access.
|
CWE-255
Credentials Management
|
CVE-2002-2345
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271814
|
- |
|
phpbb
|
phpbb
|
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses.
|
CWE-200
Information Exposure
|
CVE-2002-2346
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271815
|
- |
|
oracle
|
application_server
|
Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.…
|
CWE-79
Cross-site Scripting
|
CVE-2002-2347
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271816
|
- |
|
authoria
|
authoria
|
Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inject arbitrary web script or HTML via the command parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2002-2348
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271817
|
- |
|
phpbb
|
phpbbmod
|
phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to obtain sensitive environment information.
|
CWE-200
Information Exposure
|
CVE-2002-2349
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271818
|
- |
|
phpoutsourcing
|
zorum
|
Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2002-2350
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271819
|
- |
|
qualcomm
|
eudora
|
Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).
|
CWE-22
Path Traversal
|
CVE-2002-2351
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271820
|
- |
|
aol
|
instant_messenger
|
AOL Instant Messenger (AIM) 4.7.2480 adds free.aol.com to the Trusted Sites Zone in Internet Explorer without user approval, which could allow code from free.aol.com to bypass intended access restric…
|
NVD-CWE-Other
|
CVE-2002-1591
|
2008-09-6 05:31 |
2002-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|