Total
286889 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2362 | 1 Sourceforge | 1 Mymarket | 2024-11-20 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in form_header.php in MyMarket 1.71 allows remote attackers to inject arbitrary web script or HTML via the noticemsg parameter. | |||||
CVE-2002-2361 | 1 Yahoo | 1 Messenger | 2024-11-20 | 5.8 MEDIUM | N/A |
The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing. | |||||
CVE-2002-2360 | 1 Webmin | 1 Webmin | 2024-11-20 | 9.3 HIGH | N/A |
The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests. | |||||
CVE-2002-2359 | 1 Mozilla | 1 Mozilla | 2024-11-20 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the FTP view feature in Mozilla 1.0 allows remote attackers to inject arbitrary web script or HTML via the title tag of an ftp URL. | |||||
CVE-2002-2358 | 1 Opera Software | 1 Opera Web Browser | 2024-11-20 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL. | |||||
CVE-2002-2357 | 1 Mailenable | 1 Mailenable | 2024-11-20 | 5.0 MEDIUM | N/A |
MailEnable 1.5 015 through 1.5 018 allows remote attackers to cause a denial of service (crash) via a long USER string, possibly due to a buffer overflow. | |||||
CVE-2002-2356 | 1 Hamweather | 1 Hamweather | 2024-11-20 | 6.4 MEDIUM | N/A |
HAMweather 2.x allows remote attackers to modify administrative settings and obtain sensitive information via a direct request to hwadmin.cgi. | |||||
CVE-2002-2355 | 1 Netgear | 1 Fm114p | 2024-11-20 | 7.1 HIGH | N/A |
Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obtain sensitive information. | |||||
CVE-2002-2354 | 1 Netgear | 1 Fm114p | 2024-11-20 | 7.8 HIGH | N/A |
Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests. | |||||
CVE-2002-2353 | 1 Tftpd32 | 1 Tftpd32 | 2024-11-20 | 6.4 MEDIUM | N/A |
tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests. | |||||
CVE-2002-2352 | 1 Neosoft | 1 Neobook | 2024-11-20 | 5.8 MEDIUM | N/A |
The NBActiveX.ocx ActiveX control in NeoBook 4 allows remote attackers to install and execute arbitrary programs. | |||||
CVE-2002-2351 | 1 Qualcomm | 1 Eudora | 2024-11-20 | 6.4 MEDIUM | N/A |
Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot). | |||||
CVE-2002-2350 | 1 Phpoutsourcing | 1 Zorum | 2024-11-20 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter. | |||||
CVE-2002-2349 | 1 Phpbb | 1 Phpbbmod | 2024-11-20 | 5.0 MEDIUM | N/A |
phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to obtain sensitive environment information. | |||||
CVE-2002-2348 | 1 Authoria | 1 Authoria | 2024-11-20 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inject arbitrary web script or HTML via the command parameter. | |||||
CVE-2002-2347 | 1 Oracle | 1 Application Server | 2024-11-20 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the text entry field. | |||||
CVE-2002-2346 | 1 Phpbb | 1 Phpbb | 2024-11-20 | 5.0 MEDIUM | N/A |
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses. | |||||
CVE-2002-2345 | 1 Oracle | 1 Application Server | 2024-11-20 | 7.5 HIGH | N/A |
Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote attackers to gain access. | |||||
CVE-2002-2344 | 1 Ensim | 1 Webppliance | 2024-11-20 | 5.0 MEDIUM | N/A |
Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defining an alias that is the target's email address. | |||||
CVE-2002-2343 | 1 Nocc | 1 Nocc | 2024-11-20 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages. |