Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1698 1 Microsoft 1 Msn Messenger 2025-04-03 N/A
Buffer overflow in Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via a long FN (font) argument in the message header.
CVE-2002-1707 1 Phpbb Group 1 Phpbb 2025-04-03 N/A
install.php in phpBB 2.0 through 2.0.1, when "allow_url_fopen" and "register_globals" variables are set to "on", allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_dir parameter to reference a URL on a remote web server that contains the code.
CVE-2002-1709 1 Basilix 1 Basilix Webmail 2025-04-03 N/A
SQL injection vulnerability in BasiliX Webmail 1.10 allows remote attackers to obtain sensitive information or possibly modify data via the id variable.
CVE-2002-1711 1 Basilix 1 Basilix Webmail 2025-04-03 N/A
BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX directory, which allows local users to read other users' attachments.
CVE-2002-1719 1 Bavo 1 Bavo 2025-04-03 N/A
Unknown vulnerability in Bavo 0.3 allows remote attackers to modify posted messages.
CVE-2002-1720 1 Outfront 1 Spooky Login 2025-04-03 N/A
SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows remote attackers to bypass authentication and gain privileges via the password field.
CVE-2002-1742 1 Paul Kulchenko 1 Soap Lite 2025-04-03 N/A
SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary Perl functions by suppling a non-existent function in a script using a SOAP::Lite module, which causes the AUTOLOAD subroutine to trigger.
CVE-2002-1725 1 Onlinetools.org 1 Phpimageview 2025-04-03 N/A
phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain sensitive information via the pw=show option, which invokes the phpinfo function.
CVE-2002-1727 1 Asksam Systems 1 Asksam Web Publisher 2025-04-03 N/A
Cross-site scripting vulnerability (XSS) in (1) as_web.exe and (2) as_web4.exe in askSam Web Publisher 1 and 4 allows remote attackers to execute arbitrary script as other users via a URL.
CVE-2002-1729 1 Aspjar 1 Aspjar Guestbook 2025-04-03 N/A
Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message.
CVE-2002-1731 1 Ibm 1 Os 400 2025-04-03 N/A
The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF.
CVE-2002-1726 1 Brokenbytes 1 Photodb 2025-04-03 N/A
secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page.
CVE-2002-1736 1 Markus Triska 1 Cginews 2025-04-03 N/A
Unknown vulnerability in CGINews before 1.06 allow remote attackers to read arbitrary files via "unfiltered user input."
CVE-2002-1737 1 Astaro 1 Security Linux 2025-04-03 N/A
Astaro Security Linux 2.016 creates world-writable files and directories, which allows local users to overwrite arbitrary files.
CVE-2002-1738 1 Alt-n 1 Mdaemon 2025-04-03 N/A
Alt-N Technologies MDaemon 5.0.5.0 and earlier creates a default MDaemon mail account with a password of MServer, which could allow remote attackers to send anonymous email.
CVE-2002-1740 1 Alt-n 2 Mdaemon, Worldclient 2025-04-03 N/A
Buffer overflow in WorldClient.cgi in WorldClient in Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to execute arbitrary code via a long folder name (NewFolder parameter).
CVE-2002-1741 1 Alt-n 1 Worldclient 2025-04-03 N/A
Directory traversal vulnerability in WorldClient.cgi in WorldClient for Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to delete arbitrary files via a ".." (dot dot) in the Attachments parameter.
CVE-2005-2375 1 Codemasters 1 Toca Race Driver 2025-04-03 N/A
Format string vulnerability in Race Driver 1.20 and earlier allows remote attackers to cause a denial of service (application crash) via format string specifiers in a (1) nickname or (2) chat message.
CVE-2002-1748 1 Open Source Development Network 1 Slashcode 2025-04-03 N/A
Unknown vulnerability in Slash 2.1.x and 2.2 through 2.2.2, as used in Slashcode, allows remote authenticated users to gain access to arbitrary accounts.
CVE-2002-1751 1 Cgiscript.net 1 Cslivesupport 2025-04-03 N/A
csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.