|
355601
|
- |
|
research_systems_inc.
|
ion_script
|
Directory traversal vulnerability in ion-p.exe (aka ion-p) allows remote attackers to read arbitrary files via (1) C: (drive letter) or (2) .. (dot-dot) sequences in the page parameter.
|
NVD-CWE-Other
|
CVE-2002-1559
|
2008-09-6 05:30 |
2003-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355602
|
- |
|
martin_bauer
|
gbook
|
index.php in gBook 1.4 allows remote attackers to bypass authentication and gain administrative privileges by setting the login parameter to true.
|
NVD-CWE-Other
|
CVE-2002-1560
|
2008-09-6 05:30 |
2003-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355603
|
- |
|
mailreader.com
|
mailreader.com
|
compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail as the Mail Transfer Agent, allows remote attackers to execute arbitrary commands via shell metacharacters in the RealEmail config…
|
NVD-CWE-Other
|
CVE-2002-1582
|
2008-09-6 05:30 |
2004-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355604
|
- |
|
ibm
|
db2_universal_database
|
Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument.
|
NVD-CWE-Other
|
CVE-2002-1583
|
2008-09-6 05:30 |
2004-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355605
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows authenticated users with editing privileges to delete other users by directly calling the editusers.cgi script with the "del" option.
|
NVD-CWE-Other
|
CVE-2002-0806
|
2008-09-6 05:29 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355606
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when performing a mass change, sets the groupset of all bugs to the groupset of the first bug, which could inadvertently cause insecure groupset …
|
NVD-CWE-Other
|
CVE-2002-0808
|
2008-09-6 05:29 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355607
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that are generated by some browsers, which could cause certain fields to appear to be unset, whi…
|
NVD-CWE-Other
|
CVE-2002-0809
|
2008-09-6 05:29 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355608
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, i…
|
NVD-CWE-Other
|
CVE-2002-0810
|
2008-09-6 05:29 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355609
|
- |
|
padl_software
|
nss_ldap
|
Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
|
NVD-CWE-Other
|
CVE-2002-0825
|
2008-09-6 05:29 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355610
|
- |
|
caldera
|
unixware
openunix
|
Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileges via (1) ppptalk or (2) ppp, a different vulnerability than CVE-2002-0824.
|
NVD-CWE-Other
|
CVE-2002-0827
|
2008-09-6 05:29 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
