Export limit exceeded: 345222 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345222 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1709 | 1 Basilix | 1 Basilix Webmail | 2026-04-16 | N/A |
| SQL injection vulnerability in BasiliX Webmail 1.10 allows remote attackers to obtain sensitive information or possibly modify data via the id variable. | ||||
| CVE-2002-1710 | 1 Basilix | 1 Basilix Webmail | 2026-04-16 | N/A |
| The attachment capability in Compose Mail in BasiliX Webmail 1.1.0 does not check whether the attachment was uploaded by the user or came from a HTTP POST, which could allow local users to steal sensitive information like a password file. | ||||
| CVE-2002-1711 | 1 Basilix | 1 Basilix Webmail | 2026-04-16 | N/A |
| BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX directory, which allows local users to read other users' attachments. | ||||
| CVE-2002-1712 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3. | ||||
| CVE-2002-1713 | 1 Mandrakesoft | 1 Mandrake Linux | 2026-04-16 | 5.5 Medium |
| The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files. | ||||
| CVE-2002-1715 | 1 Ssh | 2 Ssh, Ssh2 | 2026-04-16 | N/A |
| SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access. | ||||
| CVE-2002-1716 | 1 Microsoft | 1 Office | 2026-04-16 | N/A |
| The Host() function in the Microsoft spreadsheet component on Microsoft Office XP allows remote attackers to create arbitrary files using the SaveAs capability. | ||||
| CVE-2002-1717 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| Microsoft Internet Information Server (IIS) 5.1 allows remote attackers to view path information via a GET request to (1) /_vti_pvt/access.cnf, (2) /_vti_pvt/botinfs.cnf, (3) /_vti_pvt/bots.cnf, or (4) /_vti_pvt/linkinfo.cnf. | ||||
| CVE-2002-1718 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents of a Frontpage Server Extension (FPSE) file, as claimed using an HTTP request for colegal.htm that contains .. (dot dot) sequences. | ||||
| CVE-2002-1719 | 1 Bavo | 1 Bavo | 2026-04-16 | N/A |
| Unknown vulnerability in Bavo 0.3 allows remote attackers to modify posted messages. | ||||
| CVE-2002-1720 | 1 Outfront | 1 Spooky Login | 2026-04-16 | N/A |
| SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows remote attackers to bypass authentication and gain privileges via the password field. | ||||
| CVE-2002-1721 | 1 Pldaniels | 1 Altermime | 2026-04-16 | 7.5 High |
| Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attackers to cause a denial of service (crash) via an x-header that causes snprintf overwrite the FFGET_FILE variable with a (null) byte. | ||||
| CVE-2002-1722 | 1 Logitech | 3 Cordless Freedom Itouch Keyboard, Cordless Itouch Keyboard, Itouch Keyboard | 2026-04-16 | N/A |
| Logitech iTouch keyboards allows attackers with physical access to the system to bypass the screen locking function and execute user-defined commands that have been assigned to a button. | ||||
| CVE-2002-1724 | 1 Onlinetools.org | 1 Phpimageview | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in phpimageview.php for PHPImageView 1.0 allows remote attackers to execute arbitrary script as other users via the pic parameter. | ||||
| CVE-2002-1725 | 1 Onlinetools.org | 1 Phpimageview | 2026-04-16 | N/A |
| phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain sensitive information via the pw=show option, which invokes the phpinfo function. | ||||
| CVE-2002-1726 | 1 Brokenbytes | 1 Photodb | 2026-04-16 | N/A |
| secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page. | ||||
| CVE-2002-1727 | 1 Asksam Systems | 1 Asksam Web Publisher | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in (1) as_web.exe and (2) as_web4.exe in askSam Web Publisher 1 and 4 allows remote attackers to execute arbitrary script as other users via a URL. | ||||
| CVE-2002-1728 | 1 Asksam Systems | 1 Asksam Web Publisher | 2026-04-16 | N/A |
| askSam Web Publisher 1.0 and 4.0 allows remote attackers to determine the full path to the web root directory via a request for a file that does not exist, which generates an error message that reveals the full path. | ||||
| CVE-2002-1729 | 1 Aspjar | 1 Aspjar Guestbook | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message. | ||||
| CVE-2002-1730 | 1 Aspjar | 1 Aspjar Guestbook | 2026-04-16 | N/A |
| ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true". | ||||