|
350021
|
- |
|
workforceroi
|
xpede
|
Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by…
|
NVD-CWE-Other
|
CVE-2002-0487
|
2008-09-6 05:28 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350022
|
- |
|
instant_web_mail
|
instant_web_mail
|
Instant Web Mail before 0.60 does not properly filter CR/LF sequences, which allows remote attackers to (1) execute arbitrary POP commands via the id parameter in message.php, or (2) modify certain m…
|
NVD-CWE-Other
|
CVE-2002-0490
|
2008-09-6 05:28 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350023
|
- |
|
alguest
|
alguest
|
admin.php in AlGuest 1.0 guestbook checks for the existence of the admin cookie to authenticate the AlGuest administrator, which allows remote attackers to bypass the authentication and gain privileg…
|
NVD-CWE-Other
|
CVE-2002-0491
|
2008-09-6 05:28 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350024
|
- |
|
dcscripts
|
dcshop
|
dcshop.cgi in DCShop 1.002 Beta allows remote attackers to delete arbitrary setup files via a null character in the database parameter.
|
NVD-CWE-Other
|
CVE-2002-0492
|
2008-09-6 05:28 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350025
|
- |
|
websight_directory_system
|
websight_directory_system
|
Cross-site scripting vulnerability in WebSight Directory System 0.1 allows remote attackers to execute arbitrary Javascript and gain access to the WebSight administrator via a new link submission con…
|
NVD-CWE-Other
|
CVE-2002-0494
|
2008-09-6 05:28 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350026
|
- |
|
websight_directory_system
|
websight_directory_system
|
This vulnerability is addressed in the following product release:
WebSight Directory System, WebSight Directory System, 0.1.1
|
NVD-CWE-Other
|
CVE-2002-0494
|
2008-09-6 05:28 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350027
|
- |
|
southwest
|
southwest
|
The HTTP server for SouthWest Talker server 1.0.0 allows remote attackers to cause a denial of service (server crash) via a malformed URL to port 5002.
|
NVD-CWE-Other
|
CVE-2002-0496
|
2008-09-6 05:28 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350028
|
- |
|
mtr
|
mtr
|
Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable.
|
NVD-CWE-Other
|
CVE-2002-0497
|
2008-09-6 05:28 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350029
|
- |
|
etnus
|
totalview
|
Etnus TotalView 5.0.0-4 installs certain files with UID 5039 and GID 59, which could allow local users with that UID or GID to modify the files and gain privileges as other TotalView users.
|
NVD-CWE-Other
|
CVE-2002-0498
|
2008-09-6 05:28 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350030
|
- |
|
linux
|
linux_kernel
|
The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappr…
|
NVD-CWE-Other
|
CVE-2002-0499
|
2008-09-6 05:28 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
