|
348841
|
- |
|
phplinkat
|
phplinkat
|
Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) addyoursite.php in phpLinkat 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the catid parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2002-2321
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348842
|
- |
|
ultimate_php_board
|
ultimate_php_board
|
Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords.
|
CWE-20
Improper Input Validation
|
CVE-2002-2322
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348843
|
- |
|
microsoft
|
windows_xp
|
The "System Restore" directory and subdirectories, and possibly other subdirectories in the "System Volume Information" directory on Windows XP Professional, have insecure access control list (ACL) p…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2002-2324
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348844
|
- |
|
university_of_washington
|
pine
|
The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIM…
|
CWE-20
Improper Input Validation
|
CVE-2002-2325
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348845
|
- |
|
apple
|
mac_os_x
|
The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote …
|
CWE-310
Cryptographic Issues
|
CVE-2002-2326
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348846
|
- |
|
mirabilis
|
icq
|
ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a denial of service (CPU consumption or crash) via a message with a large number of emoticons.
|
CWE-20
Improper Input Validation
|
CVE-2002-2329
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348847
|
- |
|
cascadesoft
|
w3mail
|
W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in the attachments directory does not properly restrict the types of files that can be uploaded as attachments, which allows remote…
|
CWE-16
Configuration
|
CVE-2002-2331
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348848
|
- |
|
opera_software
|
opera_web_browser
|
Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2002-2332
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348849
|
- |
|
kde
|
kde
|
Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2002-2333
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348850
|
- |
|
joseph_allen
|
joe
|
Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits s…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2002-2334
|
2008-09-6 05:32 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
