|
353501
|
- |
|
php
|
php
|
move_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system.
|
NVD-CWE-Other
|
CVE-2002-0484
|
2016-10-18 11:20 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353502
|
- |
|
linux_directory_penguin
|
nslookup
|
Linux Directory Penguin NsLookup CGI script (nslookup.pl) 1.0 allows remote attackers to execute arbitrary code via shell metacharacters in the (1) query or (2) type parameters.
|
NVD-CWE-Other
|
CVE-2002-0489
|
2016-10-18 11:20 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353503
|
- |
|
phpbb_group
|
phpbb
|
phpBB 1.4.4 and earlier with BBcode allows remote attackers to cause a denial of service (CPU consumption) and corrupt the database via null \0 characters within [code] tags.
|
NVD-CWE-Other
|
CVE-2002-0533
|
2016-10-18 11:20 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353504
|
- |
|
openbsd
|
openbsd
|
mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cro…
|
NVD-CWE-Other
|
CVE-2002-0542
|
2016-10-18 11:20 |
2002-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353505
|
- |
|
oracle
|
application_server
application_server_web_cache
oracle8i
oracle9i
|
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to obtain sensitive information via the OWA_UTIL stored procedures (1) OWA_UTIL.signature, (2) OWA_UTIL.listpri…
|
NVD-CWE-Other
|
CVE-2002-0560
|
2016-10-18 11:20 |
2002-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353506
|
- |
|
oracle
|
application_server
application_server_web_cache
oracle8i
oracle9i
|
The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote attackers to gain privileges and mod…
|
NVD-CWE-Other
|
CVE-2002-0561
|
2016-10-18 11:20 |
2002-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353507
|
- |
|
oracle
|
application_server
application_server_web_cache
oracle9i
|
The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote attackers to gain sensitive information inclu…
|
NVD-CWE-Other
|
CVE-2002-0562
|
2016-10-18 11:20 |
2002-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353508
|
- |
|
oracle
|
application_server
application_server_web_cache
oracle8i
oracle9i
|
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to bypass authentication for a Database Access Descriptor (DAD) by modifying the URL to reference an alternate …
|
NVD-CWE-Other
|
CVE-2002-0564
|
2016-10-18 11:20 |
2002-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353509
|
- |
|
oracle
|
application_server
oracle8i
oracle9i
|
Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConf…
|
NVD-CWE-Other
|
CVE-2002-0568
|
2016-10-18 11:20 |
2002-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353510
|
- |
|
oracle
|
application_server
|
Oracle 9i Application Server allows remote attackers to bypass access restrictions for configuration files via a direct request to the XSQL Servlet (XSQLServlet).
|
NVD-CWE-Other
|
CVE-2002-0569
|
2016-10-18 11:20 |
2002-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
