Export limit exceeded: 364437 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364437 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1938 | 1 Virgil | 1 Cgi Scanner | 2026-04-16 | N/A |
| Virgil CGI Scanner 0.9 allows remote attackers to execute arbitrary commands via the (1) tar (TARGET) or (2) zielport (ZIELPORT) parameters. | ||||
| CVE-2002-1937 | 1 Symantec | 3 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r | 2026-04-16 | N/A |
| Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password. | ||||
| CVE-2002-1936 | 1 Utstarcom | 1 Bas 1000 | 2026-04-16 | N/A |
| UTStarcom BAS 1000 3.1.10 creates several default or back door accounts and passwords, which allows remote attackers to gain access via (1) field account with a password of "*field", (2) guru account with a password of "*3noguru", (3) snmp account with a password of "snmp", or (4) dbase account with a password of "dbase". | ||||
| CVE-2002-1715 | 1 Ssh | 2 Ssh, Ssh2 | 2026-04-16 | N/A |
| SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access. | ||||
| CVE-2002-1716 | 1 Microsoft | 1 Office | 2026-04-16 | N/A |
| The Host() function in the Microsoft spreadsheet component on Microsoft Office XP allows remote attackers to create arbitrary files using the SaveAs capability. | ||||
| CVE-2002-1717 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| Microsoft Internet Information Server (IIS) 5.1 allows remote attackers to view path information via a GET request to (1) /_vti_pvt/access.cnf, (2) /_vti_pvt/botinfs.cnf, (3) /_vti_pvt/bots.cnf, or (4) /_vti_pvt/linkinfo.cnf. | ||||
| CVE-2002-1718 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents of a Frontpage Server Extension (FPSE) file, as claimed using an HTTP request for colegal.htm that contains .. (dot dot) sequences. | ||||
| CVE-2002-1719 | 1 Bavo | 1 Bavo | 2026-04-16 | N/A |
| Unknown vulnerability in Bavo 0.3 allows remote attackers to modify posted messages. | ||||
| CVE-2002-1720 | 1 Outfront | 1 Spooky Login | 2026-04-16 | N/A |
| SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows remote attackers to bypass authentication and gain privileges via the password field. | ||||
| CVE-2002-1721 | 1 Pldaniels | 1 Altermime | 2026-04-16 | 7.5 High |
| Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attackers to cause a denial of service (crash) via an x-header that causes snprintf overwrite the FFGET_FILE variable with a (null) byte. | ||||
| CVE-2002-1722 | 1 Logitech | 3 Cordless Freedom Itouch Keyboard, Cordless Itouch Keyboard, Itouch Keyboard | 2026-04-16 | N/A |
| Logitech iTouch keyboards allows attackers with physical access to the system to bypass the screen locking function and execute user-defined commands that have been assigned to a button. | ||||
| CVE-2002-1723 | 1 Powerboards | 1 Powerboards | 2026-04-16 | N/A |
| Powerboards 2.2b allows remote attackers to view the full path to the backend database by sending a cookie containing a non-existent username to profiles.php, which displays the full path in the error message. | ||||
| CVE-2002-1724 | 1 Onlinetools.org | 1 Phpimageview | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in phpimageview.php for PHPImageView 1.0 allows remote attackers to execute arbitrary script as other users via the pic parameter. | ||||
| CVE-2002-1725 | 1 Onlinetools.org | 1 Phpimageview | 2026-04-16 | N/A |
| phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain sensitive information via the pw=show option, which invokes the phpinfo function. | ||||
| CVE-2002-1726 | 1 Brokenbytes | 1 Photodb | 2026-04-16 | N/A |
| secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page. | ||||
| CVE-2002-1727 | 1 Asksam Systems | 1 Asksam Web Publisher | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in (1) as_web.exe and (2) as_web4.exe in askSam Web Publisher 1 and 4 allows remote attackers to execute arbitrary script as other users via a URL. | ||||
| CVE-2002-1728 | 1 Asksam Systems | 1 Asksam Web Publisher | 2026-04-16 | N/A |
| askSam Web Publisher 1.0 and 4.0 allows remote attackers to determine the full path to the web root directory via a request for a file that does not exist, which generates an error message that reveals the full path. | ||||
| CVE-2002-1729 | 1 Aspjar | 1 Aspjar Guestbook | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message. | ||||
| CVE-2002-1730 | 1 Aspjar | 1 Aspjar Guestbook | 2026-04-16 | N/A |
| ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true". | ||||
| CVE-2002-1731 | 1 Ibm | 1 Os 400 | 2026-04-16 | N/A |
| The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF. | ||||