Export limit exceeded: 345238 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345238 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0919 | 1 Cgiscript.net | 1 Cspassword | 2026-04-16 | N/A |
| CGIScript.net csPassword.cgi allows remote authenticated users to modify the .htaccess file and gain privileges via newlines in the title field of the edit page. | ||||
| CVE-2002-0920 | 1 Cgiscript.net | 1 Cspassword | 2026-04-16 | N/A |
| CGIScript.net csPassword.cgi stores usernames and unencrypted passwords in the password.cgi.tmp temporary file while modifying data, which could allow local users (and possibly remote attackers) to gain privileges by stealing the file before it has been processed. | ||||
| CVE-2002-0922 | 1 Cgiscript.net | 1 Csnews | 2026-04-16 | N/A |
| CGIScript.net csNews.cgi allows remote attackers to obtain database files via a direct URL-encoded request to (1) default%2edb or (2) default%2edb.style, or remote authenticated users to perform administrative actions via (3) a database parameter set to default%2edb. | ||||
| CVE-2002-0923 | 1 Cgiscript.net | 1 Csnews | 2026-04-16 | N/A |
| CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability. | ||||
| CVE-2002-0924 | 1 Cgiscript.net | 1 Csnews | 2026-04-16 | N/A |
| CGIScript.net csNews.cgi allows remote authenticated users to execute arbitrary Perl code via terminating quotes and metacharacters in text fields of the "Advanced Settings" capability. | ||||
| CVE-2002-0951 | 1 Ruslan Communications | 1 Body Builder | 2026-04-16 | N/A |
| SQL injection vulnerability in Ruslan <Body>Builder allows remote attackers to gain administrative privileges via a "'--" sequence in the username and password. | ||||
| CVE-2002-0926 | 1 Wolfram Research | 1 Webmathematica | 2026-04-16 | N/A |
| Directory traversal vulnerability in Wolfram Research webMathematica 1.0.0 and 1.0.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the MSPStoreID parameter. | ||||
| CVE-2002-0928 | 1 Pirch | 1 Pirch Irc | 2026-04-16 | N/A |
| Buffer overflow in the Pirch 98 IRC client allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hyperlink in a channel or private message. | ||||
| CVE-2002-0929 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests. | ||||
| CVE-2002-0930 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command. | ||||
| CVE-2002-0932 | 1 Luis Bernardo | 1 Myhelpdesk | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php for MyHelpDesk 20020509, and possibly other versions, allows remote attackers to conduct unauthorized activities via SQL code in the "id" parameter for the operations (1) detailticket, (2) editticket, or (3) updateticketlog. | ||||
| CVE-2002-0933 | 1 Datalex | 1 Bookit Consumer | 2026-04-16 | N/A |
| Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords in plaintext in a cookie, which could allow remote attackers to gain privileges via Cross-site scripting or sniffing attacks. | ||||
| CVE-2002-1057 | 1 Smartmax Software | 1 Mailmax | 2026-04-16 | N/A |
| Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows remote attackers to execute arbitrary code via a long USER command. | ||||
| CVE-2002-0935 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang. | ||||
| CVE-2002-0936 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| The Java Server Pages (JSP) engine in Tomcat allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null). | ||||
| CVE-2002-0937 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| The Java Server Pages (JSP) engine in JRun allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null). | ||||
| CVE-2002-0938 | 1 Cisco | 1 Secure Access Control Server | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to setup.exe. | ||||
| CVE-2002-0939 | 1 Ncipher | 1 Mscapi Csp | 2026-04-16 | N/A |
| The Install Wizard for nCipher MSCAPI CSP 5.50 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only). | ||||
| CVE-2002-0940 | 1 Ncipher | 1 Mscapi Csp | 2026-04-16 | N/A |
| domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only). | ||||
| CVE-2002-1176 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Buffer overflow in Winamp 2.81 allows remote attackers to execute arbitrary code via a long Artist ID3v2 tag in an MP3 file. | ||||