Vulnerabilities (CVE)

CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0589 1 Steve Korbett 1 Pvote 2008-09-05 7.5 HIGH N/A
PVote before 1.9 allows remote attackers to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password.
CVE-2002-0590 1 Icredibb 1 Icredibb 2008-09-05 7.5 HIGH N/A
Cross-site scripting (CSS) vulnerability in IcrediBB 1.1 Beta allows remote attackers to execute arbitrary script and steal cookies as other IcrediBB users via the (1) title or (2) body of posts.
CVE-2002-0591 1 Aol 1 Instant Messenger 2008-09-05 5.0 MEDIUM N/A
Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename.
CVE-2002-0593 2 Mozilla, Netscape 3 Mozilla, Communicator, Navigator 2008-09-05 7.5 HIGH N/A
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.
CVE-2002-0594 3 Galeon, Mozilla, Netscape 3 Galeon Browser, Mozilla, Navigator 2008-09-05 5.0 MEDIUM N/A
Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.
CVE-2002-0595 1 Webtrends 1 Reporting Center 2008-09-05 7.5 HIGH N/A
Buffer overflow in WTRS_UI.EXE (WTX_REMOTE.DLL) for WebTrends Reporting Center 4.0d allows remote attackers to execute arbitrary code via a long HTTP GET request to the /reports/ directory.
CVE-2002-0598 1 Foundstone 1 Fscan 2008-09-05 7.5 HIGH N/A
Format string vulnerability in Foundstone FScan 1.12 with banner grabbing enabled allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner.
CVE-2002-0599 1 Blahz-dns 1 Blahz-dns 2008-09-05 10.0 HIGH N/A
Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen.
CVE-2002-0601 1 Information Security Systems 1 Realsecure Network Sensor 2008-09-05 5.0 MEDIUM N/A
ISS RealSecure Network Sensor 5.x through 6.5 allows remote attackers to cause a denial of service (crash) via malformed DHCP packets that cause RealSecure to dereference a null pointer.
CVE-2002-0606 1 3com 1 3cdaemon 2008-09-05 7.5 HIGH N/A
Buffer overflow in 3Cdaemon 2.0 FTP server allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long commands such as login.
CVE-2002-0607 1 Snitz Communications 1 Snitz Forums 2000 2008-09-05 7.5 HIGH N/A
members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection attack on the parameters (1) M_NAME, (2) UserName, (3) FirstName, (4) LastName, or (5) INITIAL.
CVE-2002-0608 1 Matu 1 Matu Ftp 2008-09-05 7.5 HIGH N/A
Buffer overflow in Matu FTP client 1.74 allows remote FTP servers to execute arbitrary code via a long "220" banner.
CVE-2002-0609 1 Hp 1 Mpe Ix 2008-09-05 5.0 MEDIUM N/A
Vulnerability in HP MPE/iX 6.0 through 7.0 allows attackers to cause a denial of service (system failure with "SA1457 out of i_port_timeout.fix_up_message_frame") via malformed IP packets.
CVE-2002-0610 1 Hp 1 Mpe Ix 2008-09-05 7.5 HIGH N/A
Vulnerability in FTPSRVR in HP MPE/iX 6.0 through 7.0 does not properly validate certain FTP commands, which allows attackers to gain privileges.
CVE-2002-0611 1 Craig Patchett 1 Fileseek 2008-09-05 5.0 MEDIUM N/A
Directory traversal vulnerability in FileSeek.cgi allows remote attackers to read arbitrary files via a ....// (modified dot dot) in the (1) head or (2) foot parameters, which are not properly filtered.
CVE-2002-0612 1 Craig Patchett 1 Fileseek 2008-09-05 7.5 HIGH N/A
FileSeek.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) head or (2) foot parameters.
CVE-2002-0613 1 Dnstools Software 1 Dnstools 2008-09-05 10.0 HIGH N/A
dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user_logged_in or user_dnstools_administrator parameters.
CVE-2002-0614 1 Php-survey 1 Php-survey 2008-09-05 5.0 MEDIUM N/A
PHP-Survey 20000615 and earlier stores the global.inc file under the web root, which allows remote attackers to obtain sensitive information, including database credentials, if .inc files are not preprocessed by the server.
CVE-2002-0626 1 Polycom 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more 2008-09-05 10.0 HIGH N/A
Polycom ViewStation before 7.2.4 has a default null password for the administrator account, which allows arbitrary users to conduct unauthorized activities.
CVE-2002-0627 1 Polycom 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more 2008-09-05 7.5 HIGH N/A
The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass authentication and read files via Unicode encoded requests.