Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1849 1 Parachat 1 Parachat Server 2025-04-03 N/A
ParaChat Server 4.0 does not log users off if the browser's back button is used, which allows remote attackers to cause a denial of service by repeatedly logging into a chat room, hitting the back button, then logging into the same chat room as a different user, which fills the chat room with invalid users.
CVE-2002-2166 1 E-zone Media Inc. 1 Fusetalk 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in FuseTalk 2.0 and 3.0 allows remote attackers to insert arbitrary HTML and web script.
CVE-2002-2168 1 Thorsten Korner 1 123tkshop 2025-04-03 N/A
SQL injection vulnerability in Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to execute arbitrary SQL queries via various programs including function_describe_item1.inc.php.
CVE-2002-2169 1 Aol 1 Instant Messenger 2025-04-03 N/A
Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote attackers to conduct unauthorized activities, such as adding buddies and groups to a user's buddy list, via a URL with a META HTTP-EQUIV="refresh" tag to an aim: URL.
CVE-2002-2176 1 Phpbb Group 1 Phpbb 2025-04-03 N/A
SQL injection vulnerability in Gender MOD 1.1.3 allows remote attackers to gain administrative access via the user_level parameter in the User Profile page.
CVE-2002-2173 1 Cerulean Studios 1 Trillian 2025-04-03 N/A
Buffer overflow in the IRC module of Trillian 0.725 and 0.73 allowing remote attackers to execute arbitrary code via a long DCC Chat message.
CVE-2002-2178 1 Phpwebsite 1 Phpwebsite 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in article.php module for phpWebSite 0.8.3 allows remote attackers to execute arbitrary Javascript script via the sid parameter, as demonstrated using an IMG tag.
CVE-2002-2197 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference.
CVE-2002-2198 1 Zmailer 1 Zmailer 2025-04-03 N/A
Buffer overflow in ZMailer before 2.99.51_1 allows remote attackers to execute arbitrary code during HELO processing from an IPv6 address, possibly using an address that resolves to a long hostname.
CVE-2005-2395 1 Mozilla 1 Firefox 2025-04-03 N/A
Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the strongest authentication scheme available as required by RFC2617, which might cause credentials to be sent in plaintext even if an encrypted channel is available.
CVE-2002-2207 1 Eric Rescorla 1 Ssldump 2025-04-03 N/A
Buffer overflow in ssldump 0.9b2 and earlier, when running in decryption mode, allows remote attackers to execute arbitrary code via a long RSA PreMasterSecret.
CVE-2005-2401 1 Php Fusion 1 Php Fusion 2025-04-03 N/A
PHP-Fusion allows remote attackers to inject arbitrary Cascading Style Sheets (CSS) via the BBCode color tag.
CVE-2002-2274 1 Akfingerd 1 Akfingerd 2025-04-03 N/A
akfingerd 0.5 allows local users to read arbitrary files as the akfingerd user (nobody) via a symlink attack on the .plan file.
CVE-2005-2402 1 Phpsitesearch 1 Phpsitesearch 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in search.php in PHPSiteSearch 1.7.7d allows remote attackers to inject arbitrary web script or HTML via the query parameter.
CVE-2002-2282 1 Mcafee 1 Virusscan 2025-04-03 N/A
McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user's home directory, even when browsing the local hard drive, which allows local users to run arbitrary code via malicious versions of those DLLs.
CVE-2002-2284 1 Netscape 1 Communicator 2025-04-03 N/A
Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes.
CVE-2005-2411 1 Tdiary 1 Tdiary 2025-04-03 N/A
Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user.
CVE-2002-2370 1 Sws 1 Sws Simple Web Server 2025-04-03 N/A
SWS web server 0.0.4, 0.0.3 and 0.1.0 allows remote attackers to cause a denial of service (crash) via a URL request that does not end with a newline.
CVE-2002-2392 1 Nullsoft 1 Winamp 2025-04-03 N/A
Winamp 2.65 through 3.0 stores skin files in a predictable file location, which allows remote attackers to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedded code.
CVE-2005-2413 1 Atomic Photo Album 1 Atomic Photo Album 2025-04-03 N/A
PHP remote file inclusion vulnerability in apa_phpinclude.inc.php in Atomic Photo Album (APA) allows remote attackers to execute arbitrary PHP code via the apa_module_basedir parameter.