Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1742 1 Paul Kulchenko 1 Soap Lite 2025-04-03 N/A
SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary Perl functions by suppling a non-existent function in a script using a SOAP::Lite module, which causes the AUTOLOAD subroutine to trigger.
CVE-2002-1725 1 Onlinetools.org 1 Phpimageview 2025-04-03 N/A
phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain sensitive information via the pw=show option, which invokes the phpinfo function.
CVE-2002-1727 1 Asksam Systems 1 Asksam Web Publisher 2025-04-03 N/A
Cross-site scripting vulnerability (XSS) in (1) as_web.exe and (2) as_web4.exe in askSam Web Publisher 1 and 4 allows remote attackers to execute arbitrary script as other users via a URL.
CVE-2002-1729 1 Aspjar 1 Aspjar Guestbook 2025-04-03 N/A
Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message.
CVE-2002-1731 1 Ibm 1 Os 400 2025-04-03 N/A
The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF.
CVE-2002-1726 1 Brokenbytes 1 Photodb 2025-04-03 N/A
secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page.
CVE-2002-1736 1 Markus Triska 1 Cginews 2025-04-03 N/A
Unknown vulnerability in CGINews before 1.06 allow remote attackers to read arbitrary files via "unfiltered user input."
CVE-2002-1737 1 Astaro 1 Security Linux 2025-04-03 N/A
Astaro Security Linux 2.016 creates world-writable files and directories, which allows local users to overwrite arbitrary files.
CVE-2002-1738 1 Alt-n 1 Mdaemon 2025-04-03 N/A
Alt-N Technologies MDaemon 5.0.5.0 and earlier creates a default MDaemon mail account with a password of MServer, which could allow remote attackers to send anonymous email.
CVE-2002-1740 1 Alt-n 2 Mdaemon, Worldclient 2025-04-03 N/A
Buffer overflow in WorldClient.cgi in WorldClient in Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to execute arbitrary code via a long folder name (NewFolder parameter).
CVE-2002-1741 1 Alt-n 1 Worldclient 2025-04-03 N/A
Directory traversal vulnerability in WorldClient.cgi in WorldClient for Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to delete arbitrary files via a ".." (dot dot) in the Attachments parameter.
CVE-2005-2375 1 Codemasters 1 Toca Race Driver 2025-04-03 N/A
Format string vulnerability in Race Driver 1.20 and earlier allows remote attackers to cause a denial of service (application crash) via format string specifiers in a (1) nickname or (2) chat message.
CVE-2002-1748 1 Open Source Development Network 1 Slashcode 2025-04-03 N/A
Unknown vulnerability in Slash 2.1.x and 2.2 through 2.2.2, as used in Slashcode, allows remote authenticated users to gain access to arbitrary accounts.
CVE-2002-1751 1 Cgiscript.net 1 Cslivesupport 2025-04-03 N/A
csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
CVE-2005-2377 1 Mandrakesoft 2 Mandrake Linux, Mandrake Linux Corporate Server 2025-04-03 N/A
nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable. NOTE: it is not clear whether this attack scenario is sufficient to include this item in CVE.
CVE-2002-1749 1 Microsoft 1 Windows 2000 2025-04-03 N/A
Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges.
CVE-2002-1758 1 Phprojekt 1 Phprojekt 2025-04-03 N/A
PHProjekt 2.0 through 3.1 allows remote attackers to view or modify data via requests to certain scripts that do not verify if the user is logged in.
CVE-2002-1759 1 Phprojekt 1 Phprojekt 2025-04-03 N/A
The upload function in PHProjekt 2.0 through 3.1 does not properly verify certain variables related to uploaded data, which allows remote attackers to cause PHProjekt to process arbitrary files.
CVE-2002-1772 1 Novell 1 Netware 2025-04-03 N/A
Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a null password.
CVE-2002-1769 1 Microsoft 2 Site Server, Site Server Commerce 2025-04-03 N/A
Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default password of LdapPassword_1, which allows remote attackers the "Log on locally" privilege.