Latest CVE Feed
-
5.0
MEDIUMCVE-2002-1411
Directory traversal vulnerability in update.dpgs in Duma Photo Gallery System (DPGS) 0.99.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the id parameter.... Read more
Affected Products : photo_gallery_system- EPSS Score: %0.27
- Published: Apr. 11, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-1410
Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi.... Read more
- EPSS Score: %11.51
- Published: Apr. 11, 2003
- Modified: Apr. 03, 2025
-
7.8
HIGHCVE-2002-1426
HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow.... Read more
Affected Products : procurve_switch_4000m- EPSS Score: %10.93
- Published: Apr. 11, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-1430
Unknown vulnerability in Sympoll 1.2 allows remote attackers to read arbitrary files when register_globals is enabled, possibly by modifying certain PHP variables through URL parameters.... Read more
Affected Products : sympoll- EPSS Score: %0.52
- Published: Apr. 11, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-1427
The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users.... Read more
- EPSS Score: %3.06
- Published: Apr. 11, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-1415
Format string vulnerability in SMTP service for WebEasyMail 3.4.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in SMTP requests.... Read more
Affected Products : webeasymail- EPSS Score: %1.87
- Published: Apr. 11, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-1422
admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters.... Read more
Affected Products : fudforum- EPSS Score: %6.34
- Published: Apr. 11, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0172
Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filename argument.... Read more
Affected Products : php- EPSS Score: %22.20
- Published: Apr. 02, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-1485
The AIM component of Trillian 0.73 and 0.74 allows remote attackers to cause a denial of service (crash) via certain strings such as "P > O < C".... Read more
Affected Products : trillian- EPSS Score: %0.57
- Published: Apr. 02, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-1487
The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service (crash) by sending the raw messages (1) 206, (2) 211, (3) 213, (4) 214, (5) 215, (6) 217, (7) 218, (8) 243, (9) 302, (10) 317, (11) 324, (12) 332,... Read more
Affected Products : trillian- EPSS Score: %15.18
- Published: Apr. 02, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-1504
Directory traversal vulnerability in WebServer 4 Everyone 1.22 allows remote attackers to read arbitrary files via "..\" (dot-dot backslash) sequences in a URL.... Read more
Affected Products : webserver_4_everyone- EPSS Score: %0.46
- Published: Apr. 02, 2003
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2002-1502
Symbolic link vulnerability in xbreaky before 0.5.5 allows local users to overwrite arbitrary files via a symlink from the user's .breakyhighscores file to the target file.... Read more
Affected Products : xbreaky- EPSS Score: %0.18
- Published: Apr. 02, 2003
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2002-1495
Cross-site scripting (XSS) vulnerability in JAWmail 1.0-rc1 allows remote attackers to insert arbitrary script or HTML via (1) attached file names in the Read Mail feature, (2) text/html mails that are displayed in a pop-up window, and (3) certain malicio... Read more
Affected Products : jawmail- EPSS Score: %1.35
- Published: Apr. 02, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2002-1506
Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated.... Read more
Affected Products : linuxconf- EPSS Score: %0.46
- Published: Apr. 02, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-1505
SQL injection vulnerability in board.php for WoltLab Burning Board (wBB) 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter.... Read more
Affected Products : burning_board- EPSS Score: %0.33
- Published: Apr. 02, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-1515
Directory traversal vulnerability in avatar.php in CoolForum 0.5 beta allows remote attackers to read arbitrary files via .. (dot dot) sequences in the img parameter.... Read more
Affected Products : coolforum- EPSS Score: %1.48
- Published: Apr. 02, 2003
- Modified: Apr. 03, 2025
-
6.8
MEDIUMCVE-2003-0154
Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parame... Read more
Affected Products : bonsai- EPSS Score: %13.33
- Published: Apr. 02, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2002-1520
The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, does not properly close the SSH connection when a -N option is provided during authentication, which allows remote attackers to access CLI with administrator privil... Read more
- EPSS Score: %0.83
- Published: Apr. 02, 2003
- Modified: Apr. 03, 2025
-
3.6
LOWCVE-2002-1518
mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which could allow local users to modify files and directories.... Read more
Affected Products : irix- EPSS Score: %0.05
- Published: Apr. 02, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-1527
emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message.... Read more
Affected Products : emu_webmail- EPSS Score: %4.31
- Published: Apr. 02, 2003
- Modified: Apr. 03, 2025