Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2055 1 Teekai 1 Teekai Tracking Online 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in userlog.php in TeeKai Tracking Online 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2002-2056 1 Teekai 1 Teekai Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2 allows remote attackers to inject arbitrary web script or HTML via the valid_username_online cookie.
CVE-2002-2057 1 Teekai 1 Teekai Forum 2026-04-16 N/A
TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/member_log.txt, which is stored under the web document root with insufficient access control, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'.
CVE-2002-2063 1 Atguard 1 Atguard Personal Firewall 2026-04-16 N/A
AtGuard 3.2 allows remote attackers to bypass firwall filters and execute prohibited programs by changing the filenames to permitted filenames.
CVE-2002-2064 1 Phpwebgallery 1 Phpwebgallery 2026-04-16 N/A
isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain administrative access via by setting the photo_login cookie to pseudo.
CVE-2002-2084 1 Portix-php 1 Portix-php 2026-04-16 N/A
Directory traversal vulnerability in index.php of Portix 0.4.02 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) l and (2) topic parameters.
CVE-2002-2078 1 Floosietek 2 Ftgateoffice, Ftgatepro 2026-04-16 N/A
Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long POP3 APOP USER command.
CVE-2002-2081 1 Microsoft 2 Site Server, Site Server Commerce 2026-04-16 N/A
cphost.dll in Microsoft Site Server 3.0 allows remote attackers to cause a denial of service (disk consumption) via an HTTP POST of a file with a long TargetURL parameter, which causes Site Server to abort and leaves the uploaded file in c:\temp.
CVE-2002-2085 1 Wwwebbb 1 Wwwebbb Forum 2026-04-16 N/A
Directory traversal vulnerability in page.cgi of WWWeBBB Forum 3.82 beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request.
CVE-2002-2086 1 Squirrelmail 1 Squirrelmail 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in magicHTML of SquirrelMail before 1.2.6 allow remote attackers to inject arbitrary web script or HTML via (1) "<<script" in unspecified input fields or (2) a javascript: URL in the src attribute of an IMG tag.
CVE-2002-2090 1 Caucho Technology 1 Resin 2026-04-16 N/A
Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp.
CVE-2002-2091 1 Decfingerd 1 Decfingerd 2026-04-16 N/A
Format string vulnerability in Deception Finger Daemon, decfingerd, 0.7 may allow remote attackers to execute arbitrary code via the username of a finger request.
CVE-2002-2095 1 Joe Testa 1 Hellbent 2026-04-16 N/A
Joe Testa hellbent 01 webserver allows attackers to read files that are specified in the hellbent.prefs file by creating a file with a similar name in the web root, as demonstrated using (1) index.webroot and (2) index.ipallow.
CVE-2002-2089 1 Sun 1 Solaris 2026-04-16 N/A
Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument.
CVE-2002-2092 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2026-04-16 N/A
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.
CVE-2002-2093 1 Sgi 1 Irix 2026-04-16 N/A
The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin.
CVE-2002-2102 1 Jcraft 1 Jzlib 2026-04-16 N/A
InfBlocks.java in JCraft JZlib before 0.0.7 allow remote attackers to cause a denial of service (NullPointerException) via an invalid block of deflated data.
CVE-2002-2097 1 Maradns 1 Maradns 2026-04-16 N/A
The compression code in MaraDNS before 0.9.01 allows remote attackers to cause a denial of service via crafted DNS packets.
CVE-2002-2098 1 Axspawn 1 Axspawn 2026-04-16 N/A
Buffer overflow in axspawn.c in Axspawn-pam before 0.2.1a allows remote attackers to execute arbitrary code via large packets.
CVE-2002-2099 1 Gnu 1 Data Display Debugger 2026-04-16 N/A
Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE.