Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2046 | 1 Xqus | 1 X-news | 2026-04-16 | N/A |
| x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie. | ||||
| CVE-2002-2047 | 1 Sketch | 1 Sketch | 2026-04-16 | N/A |
| The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript (EPS) file. | ||||
| CVE-2002-2048 | 1 Michael Baumer | 1 Pfinger | 2026-04-16 | N/A |
| Buffer overflow in PFinger 0.7.8 client allows remote attackers to execute arbitrary code via a long query value passed to the (1) finger program, (2) -l, (3) -d, and (4) -t options. NOTE: if PFinger is not setuid or setgid, then this issue would not cross privilege boundaries and would not be considered a vulnerability. | ||||
| CVE-2002-2049 | 1 Dug Song | 3 Dsniff, Fragroute, Fragrouter | 2026-04-16 | N/A |
| configure for Dsniff 2.3, fragroute 1.2, and fragrouter 1.6, when downloaded from monkey.org on May 17, 2002, has been modified to contain a backdoor, which allows remote attackers to access the system. | ||||
| CVE-2002-2052 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port through the router. NOTE: the vendor could not reproduce this issue, saying that the original reporter was using an interim release of the software. | ||||
| CVE-2002-2053 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop. | ||||
| CVE-2002-2054 | 1 Teekai | 1 Teekai Forum | 2026-04-16 | N/A |
| TeeKai Forum 1.2 allows remote attackers to authenticate as the administrator and and gain privileged web forum access by setting the valid_level cookie to admin. | ||||
| CVE-2002-2055 | 1 Teekai | 1 Teekai Tracking Online | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in userlog.php in TeeKai Tracking Online 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2002-2056 | 1 Teekai | 1 Teekai Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2 allows remote attackers to inject arbitrary web script or HTML via the valid_username_online cookie. | ||||
| CVE-2002-2057 | 1 Teekai | 1 Teekai Forum | 2026-04-16 | N/A |
| TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/member_log.txt, which is stored under the web document root with insufficient access control, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'. | ||||
| CVE-2002-2063 | 1 Atguard | 1 Atguard Personal Firewall | 2026-04-16 | N/A |
| AtGuard 3.2 allows remote attackers to bypass firwall filters and execute prohibited programs by changing the filenames to permitted filenames. | ||||
| CVE-2002-2064 | 1 Phpwebgallery | 1 Phpwebgallery | 2026-04-16 | N/A |
| isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain administrative access via by setting the photo_login cookie to pseudo. | ||||
| CVE-2002-2084 | 1 Portix-php | 1 Portix-php | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php of Portix 0.4.02 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) l and (2) topic parameters. | ||||
| CVE-2002-2078 | 1 Floosietek | 2 Ftgateoffice, Ftgatepro | 2026-04-16 | N/A |
| Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long POP3 APOP USER command. | ||||
| CVE-2002-2081 | 1 Microsoft | 2 Site Server, Site Server Commerce | 2026-04-16 | N/A |
| cphost.dll in Microsoft Site Server 3.0 allows remote attackers to cause a denial of service (disk consumption) via an HTTP POST of a file with a long TargetURL parameter, which causes Site Server to abort and leaves the uploaded file in c:\temp. | ||||
| CVE-2002-2085 | 1 Wwwebbb | 1 Wwwebbb Forum | 2026-04-16 | N/A |
| Directory traversal vulnerability in page.cgi of WWWeBBB Forum 3.82 beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. | ||||
| CVE-2002-2086 | 1 Squirrelmail | 1 Squirrelmail | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in magicHTML of SquirrelMail before 1.2.6 allow remote attackers to inject arbitrary web script or HTML via (1) "<<script" in unspecified input fields or (2) a javascript: URL in the src attribute of an IMG tag. | ||||
| CVE-2002-2090 | 1 Caucho Technology | 1 Resin | 2026-04-16 | N/A |
| Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp. | ||||
| CVE-2002-2091 | 1 Decfingerd | 1 Decfingerd | 2026-04-16 | N/A |
| Format string vulnerability in Deception Finger Daemon, decfingerd, 0.7 may allow remote attackers to execute arbitrary code via the username of a finger request. | ||||
| CVE-2002-2095 | 1 Joe Testa | 1 Hellbent | 2026-04-16 | N/A |
| Joe Testa hellbent 01 webserver allows attackers to read files that are specified in the hellbent.prefs file by creating a file with a similar name in the web root, as demonstrated using (1) index.webroot and (2) index.ipallow. | ||||