|
351621
|
- |
|
oracle
|
application_server
|
Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote attackers to gain access.
|
CWE-255
Credentials Management
|
CVE-2002-2345
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351622
|
- |
|
phpbb
|
phpbb
|
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses.
|
CWE-200
Information Exposure
|
CVE-2002-2346
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351623
|
- |
|
oracle
|
application_server
|
Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.…
|
CWE-79
Cross-site Scripting
|
CVE-2002-2347
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351624
|
- |
|
authoria
|
authoria
|
Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inject arbitrary web script or HTML via the command parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2002-2348
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351625
|
- |
|
phpbb
|
phpbbmod
|
phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to obtain sensitive environment information.
|
CWE-200
Information Exposure
|
CVE-2002-2349
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351626
|
- |
|
phpoutsourcing
|
zorum
|
Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2002-2350
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351627
|
- |
|
qualcomm
|
eudora
|
Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).
|
CWE-22
Path Traversal
|
CVE-2002-2351
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351628
|
- |
|
aol
|
instant_messenger
|
AOL Instant Messenger (AIM) 4.7.2480 adds free.aol.com to the Trusted Sites Zone in Internet Explorer without user approval, which could allow code from free.aol.com to bypass intended access restric…
|
NVD-CWE-Other
|
CVE-2002-1591
|
2008-09-6 05:31 |
2002-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351629
|
- |
|
ibm
|
aix
|
Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and 5.1 allows remote attackers to execute arbitrary code.
|
NVD-CWE-Other
|
CVE-2002-1621
|
2008-09-6 05:31 |
2002-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351630
|
- |
|
oracle
|
application_server
|
SQL injection vulnerability in the query.xsql sample page in Oracle 9i Application Server (9iAS) allows remote attackers to execute arbitrary code via the sql parameter.
|
NVD-CWE-Other
|
CVE-2002-1631
|
2008-09-6 05:31 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
