Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0726 1 Stalkerlab 1 Mailers 2025-04-03 N/A
CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $Attach$ hidden form variable.
CVE-1999-0953 1 Matt Wright 1 Wwwboard 2025-04-03 N/A
WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers.
CVE-2000-0733 1 Sgi 1 Irix 2025-04-03 N/A
Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.
CVE-2000-0734 2 Eeye Digital Security, Spynet 2 Iris, Capturenet 2025-04-03 N/A
eEye IRIS 1.01 beta allows remote attackers to cause a denial of service via a large number of UDP connections.
CVE-2002-2121 1 Surfcontrol 1 Superscout Email Filter 2025-04-03 N/A
SurfControl SuperScout Email filter for SMTP 3.5.1 allows remote attackers to cause a denial of service (crash) via a long SMTP (1) HELO or (2) RCPT TO command, possibly due to a buffer overflow.
CVE-2000-0735 1 Rimarts Inc. 1 Becky Internet Mail 2025-04-03 N/A
Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user replies to a message.
CVE-2002-0892 1 New Atlanta Communications 1 Servletexec Isapi 2025-04-03 N/A
The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message.
CVE-2001-0092 1 Microsoft 1 Internet Explorer 2025-04-03 N/A
A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability.
CVE-1999-0963 1 Freebsd 1 Freebsd 2025-04-03 N/A
FreeBSD mount_union command allows local users to gain root privileges via a symlink attack.
CVE-2000-0736 1 Rimarts Inc. 1 Becky Internet Mail 2025-04-03 N/A
Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user forwards a message.
CVE-2000-0769 1 Oreilly 1 Website Pro 2025-04-03 N/A
O'Reilly WebSite Pro 2.3.7 installs the uploader.exe program with execute permissions for all users, which allows remote attackers to create and execute arbitrary files by directly calling uploader.exe.
CVE-2002-2128 1 W-agora 1 W-agora 2025-04-03 N/A
editform.php in w-Agora 4.1.5 allows local users to execute arbitrary PHP code via .. (dot dot) sequences in the file parameter.
CVE-2000-0772 1 Tumbleweed 1 Messaging Management System 2025-04-03 N/A
The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk Worldsecure) creates a default account "sa" with no password.
CVE-2002-2130 1 Gallery Project 1 Gallery 2025-04-03 N/A
publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code.
CVE-1999-1017 1 Seattle Lab Software 1 Emurl 2025-04-03 N/A
Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message.
CVE-1999-1020 1 Novell 1 Netware 2025-04-03 N/A
The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE.
CVE-2000-0773 1 Bajie 1 Java Http Server 2025-04-03 N/A
Bajie HTTP web server 0.30a allows remote attackers to read arbitrary files via a URL that contains a "....", a variant of the dot dot directory traversal attack.
CVE-2001-0121 1 Storagesoft 1 Imagecast Ic3 2025-04-03 N/A
ImageCast Control Center 4.1.0 allows remote attackers to cause a denial of service (resource exhaustion or system crash) via a long string to port 12002.
CVE-2000-0774 1 Bajie 1 Java Http Server 2025-04-03 N/A
The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals the real pathname of the web document root.
CVE-2002-0901 1 Amanda 1 Amanda 2025-04-03 N/A
Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to execute arbitrary code via long commands to the amindexd daemon, or certain local users to execute arbitrary code via long command line arguments to the programs (2) amcheck, (3) amgetidx, (4) amtrmidx, (5) createindex-dump, or (6) createindex-gnutar.