Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0210 1 Tolis Group 1 Bru 2025-04-03 N/A
setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$ temporary file.
CVE-2002-0220 1 Phpsmssend 1 Phpsmssend 2025-04-03 N/A
phpsmssend.php in PhpSmsSend 1.0 allows remote attackers to execute arbitrary commands via an SMS message containing shell metacharacters.
CVE-2002-0221 1 Etype 1 Eserv 2025-04-03 N/A
Etype Eserv 2.97 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of PASV commands that consume ports 1024 through 5000, which prevents the server from accepting valid PASV.
CVE-2002-0222 1 Etype 1 Eserv 2025-04-03 N/A
Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.
CVE-2002-0234 1 Juniper 1 Netscreen Screenos 2025-04-03 N/A
NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections.
CVE-2002-0238 1 Netgear 1 Rt314 2025-04-03 N/A
Cross-site scripting vulnerability in web administration interface for NetGear RT314 and RT311 Gateway Routers allows remote attackers to execute arbitrary script on another client via a URL that contains the script.
CVE-2002-0243 1 Opera Software 1 Opera Web Browser 2025-04-03 N/A
Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed.
CVE-2002-0251 1 Licq 1 Licq 2025-04-03 N/A
Buffer overflow in licq 1.0.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string of format string characters such as "%d".
CVE-2002-0247 1 Wliang 1 Wmtv 2025-04-03 N/A
Buffer overflows in wmtv 0.6.5 and earlier may allow local users to gain privileges.
CVE-2002-0249 1 Apache 1 Http Server 2025-04-03 N/A
PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a request with malformed arguments such as /123, which leaks the pathname in the error message.
CVE-2002-0261 1 Instantservers Inc. 1 Miniportal 2025-04-03 N/A
Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 and earlier allows remote authenticated users to read arbitrary files via a ... (modified dot dot) in the GET command.
CVE-2002-0268 1 Identix 1 Biologon 2025-04-03 N/A
Identix BioLogon 3 allows users with physical access to the system to gain administrative privileges by using CTRL-ALT-DEL and running a "Browse" function, which runs Explorer with SYSTEM privileges.
CVE-2002-0275 1 Blueface 1 Falcon Web Server 2025-04-03 N/A
Falcon web server 2.0.0.1020 and earlier allows remote attackers to bypass authentication and read restricted files via an extra / (slash) in the requested URL.
CVE-2002-0277 1 Add2it 1 Mailman Free 2025-04-03 N/A
Add2it Mailman Free 1.73 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the list parameter.
CVE-2002-0286 1 Sitenews 1 Sitenews 2025-04-03 N/A
The GetPassword function in function.php of SiteNews 0.10 and 0.11 allows remote attackers to gain privileges and add users by providing a non-existent user name and the MD5 checksum for an empty password to add_user.php, which causes GetPassword to produce and compare a blank password for the non-existent user.
CVE-2002-0297 1 Nombas 1 Scriptease Webserver 2025-04-03 N/A
Buffer overflow in ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL in an HTTP request.
CVE-2002-0299 1 Cnet 1 Catchup 2025-04-03 N/A
CNet CatchUp before 1.3.1 allows attackers to execute arbitrary code via a .RVP file that creates a file with an arbitrary extension (such as .BAT), which is executed during a scan.
CVE-2002-0763 1 Hp 1 Virtualvault 2025-04-03 N/A
Vulnerability in administration server for HP VirtualVault 4.5 on HP-UX 11.04 allows remote web servers or privileged external processes to bypass access restrictions and establish connections to the server.
CVE-2002-0764 1 Phorum 1 Phorum 2025-04-03 N/A
Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a directory that contains a PHP file with the commands.
CVE-2002-0774 1 Hosting Controller 1 Hosting Controller 2025-04-03 N/A
Hosting Controller creates a default user AdvWebadmin with a default password, which could allow remote attackers to gain privileges if the password is not changed.