Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1709 1 Basilix 1 Basilix Webmail 2026-04-16 N/A
SQL injection vulnerability in BasiliX Webmail 1.10 allows remote attackers to obtain sensitive information or possibly modify data via the id variable.
CVE-2002-1710 1 Basilix 1 Basilix Webmail 2026-04-16 N/A
The attachment capability in Compose Mail in BasiliX Webmail 1.1.0 does not check whether the attachment was uploaded by the user or came from a HTTP POST, which could allow local users to steal sensitive information like a password file.
CVE-2002-1711 1 Basilix 1 Basilix Webmail 2026-04-16 N/A
BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX directory, which allows local users to read other users' attachments.
CVE-2002-1715 1 Ssh 2 Ssh, Ssh2 2026-04-16 N/A
SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access.
CVE-2002-1719 1 Bavo 1 Bavo 2026-04-16 N/A
Unknown vulnerability in Bavo 0.3 allows remote attackers to modify posted messages.
CVE-2002-1720 1 Outfront 1 Spooky Login 2026-04-16 N/A
SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows remote attackers to bypass authentication and gain privileges via the password field.
CVE-2002-1722 1 Logitech 3 Cordless Freedom Itouch Keyboard, Cordless Itouch Keyboard, Itouch Keyboard 2026-04-16 N/A
Logitech iTouch keyboards allows attackers with physical access to the system to bypass the screen locking function and execute user-defined commands that have been assigned to a button.
CVE-2002-1724 1 Onlinetools.org 1 Phpimageview 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in phpimageview.php for PHPImageView 1.0 allows remote attackers to execute arbitrary script as other users via the pic parameter.
CVE-2002-1725 1 Onlinetools.org 1 Phpimageview 2026-04-16 N/A
phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain sensitive information via the pw=show option, which invokes the phpinfo function.
CVE-2002-1726 1 Brokenbytes 1 Photodb 2026-04-16 N/A
secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page.
CVE-2002-1727 1 Asksam Systems 1 Asksam Web Publisher 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in (1) as_web.exe and (2) as_web4.exe in askSam Web Publisher 1 and 4 allows remote attackers to execute arbitrary script as other users via a URL.
CVE-2002-1728 1 Asksam Systems 1 Asksam Web Publisher 2026-04-16 N/A
askSam Web Publisher 1.0 and 4.0 allows remote attackers to determine the full path to the web root directory via a request for a file that does not exist, which generates an error message that reveals the full path.
CVE-2002-1729 1 Aspjar 1 Aspjar Guestbook 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message.
CVE-2002-1730 1 Aspjar 1 Aspjar Guestbook 2026-04-16 N/A
ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true".
CVE-2002-1731 1 Ibm 1 Os 400 2026-04-16 N/A
The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF.
CVE-2002-1733 1 Prospero Technologies 1 Prospero Message Board 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the web-based message board in Prospero Technologies allows remote attackers to inject arbitrary web script or HTML via a message board post.
CVE-2002-1748 1 Open Source Development Network 1 Slashcode 2026-04-16 N/A
Unknown vulnerability in Slash 2.1.x and 2.2 through 2.2.2, as used in Slashcode, allows remote authenticated users to gain access to arbitrary accounts.
CVE-2002-2312 1 Opera Software 1 Opera 2026-04-16 N/A
Opera 6.0.1 allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage.
CVE-2002-2313 1 Qualcomm 1 Eudora 2026-04-16 N/A
Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer.
CVE-2002-2337 1 Kaspersky Lab 1 Kaspersky Anti-hacker 2026-04-16 N/A
Kaspersky Anti-Hacker 1.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.