Export limit exceeded: 361611 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0282 | 1 Codeworx Technologies | 1 Dcp-portal | 2026-04-16 | N/A |
| DCP-Portal 3.7 through 4.5 allows remote attackers to obtain the physical path of the server via (1) a direct request to add_user.php, or via an invalid new_language parameter in (2) contents.php, (3) categories.php, or (4) files.php, which leaks the path in an error message. | ||||
| CVE-2002-0283 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| Windows XP with port 445 open allows remote attackers to cause a denial of service (CPU consumption) via a flood of TCP SYN packets containing possibly malformed data. | ||||
| CVE-2002-0284 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname. | ||||
| CVE-2002-0286 | 1 Sitenews | 1 Sitenews | 2026-04-16 | N/A |
| The GetPassword function in function.php of SiteNews 0.10 and 0.11 allows remote attackers to gain privileges and add users by providing a non-existent user name and the MD5 checksum for an empty password to add_user.php, which causes GetPassword to produce and compare a blank password for the non-existent user. | ||||
| CVE-2002-0287 | 1 Powie | 1 Pforum | 2026-04-16 | N/A |
| pforum 1.14 and earlier does not explicitly enable PHP magic quotes, which allows remote attackers to bypass authentication and gain administrator privileges via an SQL injection attack when the PHP server is not configured to use magic quotes by default. | ||||
| CVE-2002-0288 | 1 Bbshareware.com | 1 Phusion Webserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in Phusion web server 1.0 allows remote attackers to read arbitrary files via a ... (triple dot dot) in the HTTP request. | ||||
| CVE-2002-0290 | 1 Netwin | 1 Webnews | 2026-04-16 | N/A |
| Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument. | ||||
| CVE-2002-0306 | 1 Avengers News System | 1 Avengers News System | 2026-04-16 | N/A |
| ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the p (plugin) parameter. | ||||
| CVE-2002-0307 | 1 Avengers News System | 1 Avengers News System | 2026-04-16 | N/A |
| Directory traversal vulnerability in ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote attackers to determine the existence of arbitrary files or execute any Perl program on the system via a .. (dot dot) in the p parameter, which reads the target file and attempts to execute the line using Perl's eval function. | ||||
| CVE-2002-0308 | 1 Stefan Holmberg | 1 Admentor | 2026-04-16 | N/A |
| admin.asp in AdMentor 2.11 allows remote attackers to bypass authentication and gain privileges via a SQL injection attack on the Login and Password arguments. | ||||
| CVE-2002-0309 | 1 Symantec | 1 Enterprise Firewall | 2026-04-16 | N/A |
| SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information. | ||||
| CVE-2002-0319 | 1 Powie | 1 Pforum | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in edituser.php for pforum 1.14 and earlier allows remote attackers to execute script and steal cookies from other users via Javascript in a username. | ||||
| CVE-2002-0311 | 1 Caldera | 2 Openunix, Unixware | 2026-04-16 | N/A |
| Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows local and possibly remote attackers to gain root privileges via shell metacharacters in the -c argument for (1) in scoadminreg.cgi or (2) service_action.cgi. | ||||
| CVE-2002-0312 | 1 Essen | 1 Essentia Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Essentia Web Server 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | ||||
| CVE-2002-0313 | 1 Essen | 1 Essentia Web Server | 2026-04-16 | N/A |
| Buffer overflow in Essentia Web Server 2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long URL. | ||||
| CVE-2002-0314 | 3 Fasttrack, Grokster, Music City Networks | 3 Kazaa, Grokster, Morpheus | 2026-04-16 | N/A |
| fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) morpheus allows remote attackers to cause a denial of service (memory exhaustion) via a series of client-to-client messages, which pops up new windows per message. | ||||
| CVE-2002-0315 | 3 Fasttrack, Grokster, Music City Networks | 3 Kazaa, Grokster, Morpheus | 2026-04-16 | N/A |
| fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus allows remote attackers to spoof other users by modifying the username and network information in the message header. | ||||
| CVE-2002-0316 | 1 Xmb Software | 1 Xmb Forum | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in eXtreme message board (XMB) 1.6x and earlier allows remote attackers to execute script as other XMB users by inserting the script into an IMG tag. | ||||
| CVE-2002-0317 | 1 Gator | 1 Gator | 2026-04-16 | N/A |
| Gator ActiveX component (IEGator.dll) 3.0.6.1 allows remote web sites to install arbitrary software by specifying a Trojan Gator installation file (setup.ex_) in the src parameter. | ||||
| CVE-2002-0318 | 1 Freeradius | 1 Freeradius | 2026-04-16 | N/A |
| FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets. | ||||