|
366401
|
4.3 |
MEDIUM
|
cybozu
|
share360
|
Cross-site scripting (XSS) vulnerability in Cybozu Share360 1.1 allows remote attackers to inject arbitrary web script or HTML via an HTML link.
|
NVD-CWE-Other
|
CVE-2002-1960
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366402
|
7.5 |
HIGH
|
finjan_software
|
surfingate
|
Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL whose hostname portion uses a fully qualified domain name (FQDN) that ends in a "." (dot).
|
NVD-CWE-Other
|
CVE-2002-1961
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366403
|
7.5 |
HIGH
|
finjan_software
|
surfingate
|
Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL with an IP address instead of a hostname.
|
NVD-CWE-Other
|
CVE-2002-1962
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366404
|
2.1 |
LOW
|
linux
|
linux_kernel
|
Linux kernel 2.4.1 through 2.4.19 sets root's NR_RESERVED_FILES limit to 10 files, which allows local users to cause a denial of service (resource exhaustion) by opening 10 setuid binaries.
|
NVD-CWE-Other
|
CVE-2002-1963
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366405
|
7.5 |
HIGH
|
wesmo
|
phpeventcalendar
|
Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary commands via unknown attack vectors.
|
NVD-CWE-Other
|
CVE-2002-1964
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366406
|
4.3 |
MEDIUM
|
imatix
|
xitami
|
Cross-site scripting (XSS) vulnerability in Errors.gsl in Imatix Xitami 2.5b4 and 2.5b5 allows remote attackers to inject arbitrary web script or HTML via the (1) Javascript events, as demonstrated v…
|
NVD-CWE-Other
|
CVE-2002-1965
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366407
|
5.0 |
MEDIUM
|
my_postcards
|
my_postcards_platinum
|
Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
|
NVD-CWE-Other
|
CVE-2002-1966
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366408
|
5.0 |
MEDIUM
|
mark_hanson
|
xircon
|
Buffer overflow in XiRCON 1.0 Beta 4 allows remote attackers to cause a denial of service (disconnect) via a long (1) ctcp, (2) primsg, (3) msg, or (4) notice command.
|
NVD-CWE-Other
|
CVE-2002-1967
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366409
|
2.1 |
LOW
|
com21
|
doxport_1100
|
Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions before 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal ne…
|
NVD-CWE-Other
|
CVE-2002-1968
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366410
|
5.0 |
MEDIUM
|
the_magic_notebook
|
the_magic_notebook
|
Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial of service (crash) via an invalid username during login.
|
NVD-CWE-Other
|
CVE-2002-1969
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366411
|
2.1 |
LOW
|
snortcenter
|
snortcenter
|
SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passw…
|
NVD-CWE-Other
|
CVE-2002-1970
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366412
|
10.0 |
HIGH
|
sourcecraft
|
networking_utils
|
The ping utility in networking_utils.php in Sourcecraft Networking_Utils 1.0 allows remote attackers to read arbitrary files via shell metacharacters in the Domain name or IP address argument.
|
NVD-CWE-Other
|
CVE-2002-1971
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366413
|
4.6 |
MEDIUM
|
sebastian_dehne
|
pp_powerswitch
|
Unknown vulnerability in Parallel port powerSwitch (aka pp_powerSwitch) 0.1 does not properly enforce access controls, which allows local users to access arbitrary ports.
|
NVD-CWE-Other
|
CVE-2002-1972
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366414
|
10.0 |
HIGH
|
sharp
|
zaurus
|
The FTP service in Zaurus PDAs SL-5000D and SL-5500 does not require authentication, which allows remote attackers to access the file system as root.
|
NVD-CWE-Other
|
CVE-2002-1974
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366415
|
5.0 |
MEDIUM
|
qualcomm
|
eudora
|
Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment w…
|
NVD-CWE-Other
|
CVE-2002-1210
|
2008-09-6 05:30 |
2002-11-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366416
|
7.5 |
HIGH
|
kde
|
kde
|
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScri…
|
NVD-CWE-Other
|
CVE-2002-1223
|
2008-09-6 05:30 |
2002-10-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366417
|
5.0 |
MEDIUM
|
kde
|
kde
|
Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter.
|
NVD-CWE-Other
|
CVE-2002-1224
|
2008-09-6 05:30 |
2002-10-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366418
|
7.5 |
HIGH
|
pam
|
pam
|
PAM 0.76 treats a disabled password as if it were an empty (null) password, which allows local and remote attackers to gain privileges as disabled users.
|
NVD-CWE-Other
|
CVE-2002-1227
|
2008-09-6 05:30 |
2002-10-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366419
|
10.0 |
HIGH
|
log2mail
|
log2mail
|
Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to execute arbitrary code via a long log message.
|
NVD-CWE-Other
|
CVE-2002-1251
|
2008-09-6 05:30 |
2002-11-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366420
|
7.2 |
HIGH
|
abuse
|
abuse
|
Abuse 2.00 and earlier allows local users to gain privileges via command line arguments that specify alternate Lisp scripts that run at escalated privileges, which can contain functions that execute …
|
NVD-CWE-Other
|
CVE-2002-1253
|
2008-09-6 05:30 |
2002-11-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366421
|
4.6 |
MEDIUM
|
apple
|
mac_os_x
|
Unknown vulnerability in NetInfo Manager application in Mac OS X 10.2.2 allows local users to access restricted parts of a filesystem.
|
NVD-CWE-Other
|
CVE-2002-1269
|
2008-09-6 05:30 |
2002-12-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366422
|
4.3 |
MEDIUM
|
squirrelmail
|
squirrelmail
|
An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving …
|
NVD-CWE-Other
|
CVE-2002-1276
|
2008-09-6 05:30 |
2002-11-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366423
|
7.5 |
HIGH
|
windowmaker
|
windowmaker
|
Buffer overflow in Window Maker (wmaker) 0.80.0 and earlier may allow remote attackers to execute arbitrary code via a certain image file that is not properly handled when Window Maker uses width and…
|
NVD-CWE-Other
|
CVE-2002-1277
|
2008-09-6 05:30 |
2002-11-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366424
|
7.2 |
HIGH
|
hp
|
hp-ux
|
Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior."
|
NVD-CWE-Other
|
CVE-2002-1406
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366425
|
7.5 |
HIGH
|
hp
|
openview_emanate_snmp_agent vvos
|
Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an e…
|
NVD-CWE-Other
|
CVE-2002-1408
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366426
|
7.5 |
HIGH
|
ben_chivers easy_scripts_archive
|
ben_chivers_guestbook easy_guestbook
|
Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access o…
|
NVD-CWE-Other
|
CVE-2002-1410
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366427
|
5.0 |
MEDIUM
|
duma
|
photo_gallery_system
|
Directory traversal vulnerability in update.dpgs in Duma Photo Gallery System (DPGS) 0.99.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the id parameter.
|
NVD-CWE-Other
|
CVE-2002-1411
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366428
|
7.5 |
HIGH
|
novell
|
netware
|
RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" (SSL) option during a connection.
|
NVD-CWE-Other
|
CVE-2002-1413
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366429
|
5.0 |
MEDIUM
|
webeasymail
|
webeasymail
|
Format string vulnerability in SMTP service for WebEasyMail 3.4.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in …
|
NVD-CWE-Other
|
CVE-2002-1415
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366430
|
5.0 |
MEDIUM
|
webeasymail
|
webeasymail
|
The POP3 service for WebEasyMail 3.4.2.2 and earlier generates diffferent error messages for valid and invalid usernames during authentication, which makes it easier for remote attackers to conduct b…
|
NVD-CWE-Other
|
CVE-2002-1416
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366431
|
5.0 |
MEDIUM
|
novell
|
small_business_suite netware
|
Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL…
|
NVD-CWE-Other
|
CVE-2002-1417
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366432
|
5.0 |
MEDIUM
|
novell
|
small_business_suite netware
|
Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (A…
|
NVD-CWE-Other
|
CVE-2002-1418
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366433
|
7.5 |
HIGH
|
sgi
|
irix
|
The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, which could modify intended access restrictions that are based on a MAC address.
|
NVD-CWE-Other
|
CVE-2002-1419
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366434
|
7.5 |
HIGH
|
ilia_alshanetsky
|
fudforum
|
SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorized database operations via (1) report.php, (2) selmsg.php, and (3) showposts.php.
|
NVD-CWE-Other
|
CVE-2002-1421
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366435
|
5.0 |
MEDIUM
|
ilia_alshanetsky
|
fudforum
|
admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters.
|
NVD-CWE-Other
|
CVE-2002-1422
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366436
|
5.0 |
MEDIUM
|
ilia_alshanetsky
|
fudforum
|
tmp_view.php in FUDforum before 2.2.0 allows remote attackers to read arbitrary files via an absolute pathname in the file parameter.
|
NVD-CWE-Other
|
CVE-2002-1423
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366437
|
5.0 |
MEDIUM
|
john_g._myers
|
mpack
|
Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
|
NVD-CWE-Other
|
CVE-2002-1424
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366438
|
6.4 |
MEDIUM
|
john_g._myers
|
mpack
|
Directory traversal vulnerability in munpack in mpack 1.5 and earlier allows remote attackers to create new files in the parent directory via a ../ (dot-dot) sequence in the filename to be extracted.
|
NVD-CWE-Other
|
CVE-2002-1425
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366439
|
7.8 |
HIGH
|
hp
|
procurve_switch_4000m
|
HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow.
|
NVD-CWE-Other
|
CVE-2002-1426
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366440
|
7.5 |
HIGH
|
easy_scripts_archive
|
advanced_easy_homepage_creator easy_homepage_creator
|
The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users.
|
NVD-CWE-Other
|
CVE-2002-1427
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366441
|
10.0 |
HIGH
|
dotproject
|
dotproject
|
index.php in dotProject 0.2.1.5 allows remote attackers to bypass authentication via a cookie or URL with the user_cookie parameter set to 1.
|
NVD-CWE-Other
|
CVE-2002-1428
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366442
|
5.0 |
MEDIUM
|
synthetic_reality
|
sympoll
|
Unknown vulnerability in Sympoll 1.2 allows remote attackers to read arbitrary files when register_globals is enabled, possibly by modifying certain PHP variables through URL parameters.
|
NVD-CWE-Other
|
CVE-2002-1430
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366443
|
7.5 |
HIGH
|
belkin
|
f5d5230-4_4-port_cable_dsl_gateway_router
|
Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal packets to that of the router's external interface when forwarding a request from an internal host…
|
NVD-CWE-Other
|
CVE-2002-1431
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366444
|
5.0 |
MEDIUM
|
kerio
|
kerio_mailserver
|
Kerio MailServer 5.0 allows remote attackers to cause a denial of service (hang) via SYN packets to the supported network services.
|
NVD-CWE-Other
|
CVE-2002-1433
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366445
|
6.8 |
MEDIUM
|
kerio
|
kerio_mailserver
|
Multiple cross-site scripting (XSS) vulnerabilities in the Web mail module of Kerio MailServer 5.0 allow remote attackers to execute HTML script as other users via certain URLs.
|
NVD-CWE-Other
|
CVE-2002-1434
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366446
|
7.5 |
HIGH
|
achievo
|
achievo
|
class.atkdateattribute.js.php in Achievo 0.7.0 through 0.9.1, except 0.8.2, allows remote attackers to execute arbitrary PHP code when the 'allow_url_fopen' setting is enabled via a URL in the config…
|
NVD-CWE-Other
|
CVE-2002-1435
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366447
|
7.5 |
HIGH
|
novell
|
netware
|
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request.
|
NVD-CWE-Other
|
CVE-2002-1436
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366448
|
5.0 |
MEDIUM
|
novell
|
netware
|
Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to read arbitrary files via an HTTP request containing "..%5c" (URL-enc…
|
NVD-CWE-Other
|
CVE-2002-1437
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366449
|
5.0 |
MEDIUM
|
novell
|
netware
|
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain Perl version information via the -v option.
|
NVD-CWE-Other
|
CVE-2002-1438
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366450
|
4.6 |
MEDIUM
|
hp
|
virtualvault vvos
|
Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files.
|
NVD-CWE-Other
|
CVE-2002-1439
|
2008-09-6 05:30 |
2003-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|