|
350721
|
- |
|
app
|
apboard
|
The new thread posting page in APBoard 2.02 and 2.03 allows remote attackers to post messages to protected forums by modifying the insertinto parameter.
|
NVD-CWE-Other
|
CVE-2002-2398
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350722
|
- |
|
cascadesoft
|
w3mail
|
Directory traversal vulnerability in viewAttachment.cgi in W3Mail 1.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2002-2399
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350723
|
- |
|
key_focus
|
kf_web_server
|
Directory traversal vulnerability in KeyFocus web server 1.0.8 allows remote attackers to read arbitrary files for recognized MIME type files via "...", "....", ".....", and other multiple dot sequen…
|
CWE-22
Path Traversal
|
CVE-2002-2403
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350724
|
- |
|
checkpoint
|
firewall-1
|
Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2002-2405
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350725
|
- |
|
perception
|
liteserve
|
Buffer overflow in HTTP server in LiteServe 2.0, 2.0.1 and 2.0.2 allows remote attackers to cause a denial of service (hang) via a large number of percent characters (%) in an HTTP GET request.
|
CWE-20
Improper Input Validation
|
CVE-2002-2406
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350726
|
- |
|
qnx
|
rtos
|
Certain patches for QNX Neutrino realtime operating system (RTOS) 6.2.0 set insecure permissions for the files (1) /sbin/io-audio by OS Update Patch A, (2) /bin/shutdown, (3) /sbin/fs-pkg, and (4) ph…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2002-2407
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350727
|
- |
|
gordano
|
ntmail
|
Gordano Messaging Server (GMS) Mail 8 (a.k.a. NTMail) only filters email messages for the first recipient, which allows remote attackers to bypass JUCE filters by sending a message to more than one u…
|
NVD-CWE-Other
|
CVE-2002-2408
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350728
|
- |
|
qnx
|
neutrino_rtos
photon_microgui
|
Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers to read user clipboard information via a direct request to the 1.TEXT file in a directory whose name …
|
CWE-200
Information Exposure
|
CVE-2002-2409
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350729
|
- |
|
open_webmail
|
open_webmail
|
openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote attackers to identify v…
|
CWE-200
Information Exposure
|
CVE-2002-2410
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350730
|
- |
|
nullsoft
|
winamp
|
Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts.
|
CWE-255
Credentials Management
|
CVE-2002-2412
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
