272021
|
- |
|
leszek_krupinski
|
l-forum
|
L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST (attachment, attachment_name, attachment_size and attachment_type), which…
|
NVD-CWE-Other
|
CVE-2002-1460
|
2008-09-6 05:30 |
2003-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272022
|
- |
|
webscriptworld
|
web_shop_manager
|
Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box.
|
NVD-CWE-Other
|
CVE-2002-1461
|
2008-09-6 05:30 |
2003-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272023
|
- |
|
organicphp
|
php-affiliate
|
details2.php in OrganicPHP PHP-affiliate 1.0, and possibly later versions, allows remote attackers to modify information of other users by modifying certain hidden form fields.
|
NVD-CWE-Other
|
CVE-2002-1462
|
2008-09-6 05:30 |
2003-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272024
|
- |
|
cafelog
|
b2
|
Cross-site scripting (XSS) vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable.
|
NVD-CWE-Other
|
CVE-2002-1464
|
2008-09-6 05:30 |
2003-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272025
|
- |
|
cafelog
|
b2
|
SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary SQL code via the tablehosts variable.
|
NVD-CWE-Other
|
CVE-2002-1465
|
2008-09-6 05:30 |
2003-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272026
|
- |
|
cafelog
|
b2
|
CafeLog b2 Weblog Tool 2.06pre4, with allow_fopen_url enabled, allows remote attackers to execute arbitrary PHP code via the b2inc variable.
|
NVD-CWE-Other
|
CVE-2002-1466
|
2008-09-6 05:30 |
2003-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272027
|
- |
|
macromedia
|
flash_player shockwave
|
Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3)…
|
NVD-CWE-Other
|
CVE-2002-1467
|
2008-09-6 05:30 |
2003-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272028
|
- |
|
ibm
|
aix
|
Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root.
|
NVD-CWE-Other
|
CVE-2002-1468
|
2008-09-6 05:30 |
2003-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272029
|
- |
|
scponly
|
scponly
|
scponly does not properly verify the path when finding the (1) scp or (2) sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs …
|
NVD-CWE-Other
|
CVE-2002-1469
|
2008-09-6 05:30 |
2003-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272030
|
- |
|
nullsoft
|
shoutcast_server
|
SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log…
|
NVD-CWE-Other
|
CVE-2002-1470
|
2008-09-6 05:30 |
2003-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|