|
348461
|
- |
|
independent_solution
|
simple_site_searcher
super_site_searcher
|
site_searcher.cgi in Super Site Searcher allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter.
|
CWE-20
Improper Input Validation
|
CVE-2002-2420
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348462
|
- |
|
andrey_cherezov
|
acweb
|
acWEB 1.14 allows remote attackers to cause a denial of service (crash) via an HTTP request for a MS-DOS device name such as COM2.
|
CWE-20
Improper Input Validation
|
CVE-2002-2421
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348463
|
- |
|
compaq
|
insight_management_agent
|
Cross-site scripting (XSS) vulnerability in Compaq Insight Management Agents 2.0, 2.1, 3.6.0, 4.2 and 4.3.7 allows remote attackers to inject arbitrary web script or HTML via a URL, which inserts the…
|
CWE-79
Cross-site Scripting
|
CVE-2002-2422
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348464
|
- |
|
sendmail
|
sendmail
|
Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response.
|
CWE-20
Improper Input Validation
|
CVE-2002-2423
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348465
|
- |
|
ekilat_llc
|
php\(reactor\)
|
Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the style attribute of an HTML tag.
|
CWE-79
Cross-site Scripting
|
CVE-2002-2424
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348466
|
- |
|
sun
|
solaris_answerbook2
|
Sun AnswerBook2 1.2 through 1.4.2 allows remote attackers to execute administrative scripts such as (1) AdminViewError and (2) AdminAddadmin via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2002-2425
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348467
|
- |
|
linux
|
linux_kernel
|
ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow a…
|
NVD-CWE-Other
|
CVE-2002-1976
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348468
|
- |
|
pgp
|
pgp
|
Network Associates PGP 7.0.4 and 7.1 does not time out according to the value set in the "Passphrase Cache" option, which could allow attackers to open encrypted files without providing a passphrase.
|
NVD-CWE-Other
|
CVE-2002-1977
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348469
|
- |
|
microsoft
|
sql_server
|
Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the (1) sp_MSSetServerProperties or (2) sp_MSsetalertinfo stored procedures, which allows attackers to modify…
|
NVD-CWE-Other
|
CVE-2002-1981
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348470
|
- |
|
icecast
|
icecast
|
Directory traversal vulnerability in the list_directory function in Icecast 1.3.12 allows remote attackers to determine if a directory exists via a .. (dot dot) in the GET request, which returns diff…
|
NVD-CWE-Other
|
CVE-2002-1982
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
