Latest CVE Feed
-
7.5
HIGHCVE-2002-0730
Cross-site scripting vulnerability in guestbook.pl for Philip Chinery's Guestbook 1.1 allows remote attackers to execute Javascript or HTML via fields such as (1) Name, (2) EMail, or (3) Homepage.... Read more
Affected Products : philip_chinerys_guestbook- EPSS Score: %3.06
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2002-0416
Buffer overflow in SH39 MailServer 1.21 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long command to the SMTP port.... Read more
Affected Products : mailserver- EPSS Score: %5.38
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0428
Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the to_expire or expire values in the client's users.C configuration file.... Read more
- EPSS Score: %0.46
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.6
HIGHCVE-2002-0457
Cross-site scripting vulnerability in signgbook.php for BG GuestBook 1.0 allows remote attackers to execute arbitrary Javascript via encoded tags such as <, >, and & in fields such as (1) name, (2) email, (3) AIM screen name, (4) website, (5) lo... Read more
Affected Products : bg_guestbook- EPSS Score: %1.30
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0411
Cross-site scripting vulnerability in message.php for AeroMail before 1.45 allows remote attackers to execute Javascript as an AeroMail user via an email message with the script in the Subject line.... Read more
Affected Products : aeromail- EPSS Score: %0.89
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0413
Cross-site scripting vulnerability in ReBB allows remote attackers to execute arbitrary Javascript and steal cookies via an IMG tag whose URL includes the malicious script.... Read more
Affected Products : rebb- EPSS Score: %3.06
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0463
home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows remote attackers to determine the full pathname of the web server via an invalid language in the arsc_language parameter, which leaks the pathname in an error message.... Read more
Affected Products : arsc_really_simple_chat- EPSS Score: %0.66
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-1446
The error checking routine used for the C_Verify call on a symmetric verification key in the nCipher PKCS#11 library 1.2.0 and later returns the CKR_OK status even when it detects an invalid signature, which could allow remote attackers to modify or forge... Read more
Affected Products : pkcs_11_library- EPSS Score: %0.63
- Published: Aug. 01, 2002
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2002-1616
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc.... Read more
Affected Products : tru64- EPSS Score: %0.30
- Published: Aug. 01, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-1450
IBM UniVerse with UV/ODBC allows attackers to cause a denial of service (client crash or server CPU consumption) via a query with an invalid link between tables, possibly via a buffer overflow.... Read more
Affected Products : u2_universe- EPSS Score: %0.50
- Published: Jul. 31, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-1449
eUpload 1.0 stores the password.txt password file in plaintext under the web document root, which allows remote attackers to overwrite arbitrary files by reading password.txt.... Read more
Affected Products : eupload- EPSS Score: %1.02
- Published: Jul. 31, 2002
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2002-0716
Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument.... Read more
Affected Products : openserver- EPSS Score: %0.08
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0439
Cross-site scripting vulnerability in CaupoShop 1.30a and earlier, and possibly CaupoShopPro, allows remote attackers to execute arbitrary Javascript and steal credit card numbers or delete items by injecting the script into new customer information field... Read more
Affected Products : cauposhop- EPSS Score: %0.72
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0407
htcgibin.exe in Lotus Domino server 5.0.9a and earlier allows remote attackers to determine the physical pathname for the server via requests that contain certain MS-DOS device names such as com5, such as (1) a request with a .pl or .java extension, or (2... Read more
Affected Products : domino- EPSS Score: %1.30
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0441
Directory traversal vulnerability in imlist.php for Php Imglist allows remote attackers to read arbitrary code via a .. (dot dot) in the cwd parameter.... Read more
Affected Products : php_imglist- EPSS Score: %3.04
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2002-0031
Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend.... Read more
Affected Products : messenger- EPSS Score: %21.42
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2002-0398
Red-M 1050 (Bluetooth Access Point) PPP server allows bonded users to cause a denial of service and possibly execute arbitrary code via a long user name.... Read more
Affected Products : 1050ap_lan_acess_point- EPSS Score: %0.82
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2002-0395
The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be disabled and makes it easier for remote attackers to crack the administration password via brute force methods.... Read more
Affected Products : 1050ap_lan_acess_point- EPSS Score: %1.21
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0032
Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary script as other users via the addview parameter of a ymsgr URI.... Read more
Affected Products : messenger- EPSS Score: %2.94
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0431
XTux allows remote attackers to cause a denial of service (CPU consumption) via random inputs in the initial connection.... Read more
Affected Products : xtux- EPSS Score: %4.89
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025