|
354711
|
- |
|
leung
|
e-guest
|
Cross-site scripting (XSS) vulnerability in E-Guest_sign.pl in E-Guest 1.1 allows remote attackers to inject arbitrary SSI directives, web script, and HTML via the (1) full name, (2) email, (3) homep…
|
CWE-79
Cross-site Scripting
|
CVE-2002-2376
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354712
|
- |
|
sephiroth32
|
zap_book
|
Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 allows remote attackers to inject arbitrary SSi directives, web script, and HTML via the entry field.
|
CWE-79
Cross-site Scripting
|
CVE-2002-2377
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354713
|
- |
|
nakata
|
an_httpd
|
Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote attackers to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting erro…
|
CWE-79
Cross-site Scripting
|
CVE-2002-2378
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354714
|
- |
|
microsoft
|
network_firmware
|
NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain access to configuration menus by sniffing undocumented usernames and passwords from network traffic.
|
CWE-200
Information Exposure
|
CVE-2002-2380
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354715
|
- |
|
ka-shu_wong
|
gtetrinet
|
Multiple buffer overflows in (1) tetrinet_inmessage, (2) speclist_add and (3) config-getthemeinfo of GTetrinet 0.4.3 and earlier allow remote attackers to casue a denial of service and possibly execu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2002-2381
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354716
|
- |
|
cvsup
|
cvsup
|
cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out.
|
CWE-59
Link Following
|
CVE-2002-2382
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354717
|
- |
|
hotfoon_corporation
|
hotfoon
|
hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2 registry key, which allows local users to gain access to user accounts and steal phone service.
|
CWE-255
Credentials Management
|
CVE-2002-2384
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354718
|
- |
|
hotfoon_corporation
|
hotfoon
|
Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL containing a long voice phone number.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2002-2385
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354719
|
- |
|
xoops
|
xoops
|
Cross-site scripting (XSS) vulnerability in the Quizz module for XOOPS 1.0, when allowing on-line question development, allows remote attackers to inject arbitrary web script or HTML via a javascript…
|
CWE-79
Cross-site Scripting
|
CVE-2002-2386
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354720
|
- |
|
mollensoft_software
|
hyperion_ftp_server
|
Directory traversal vulnerability in Hyperion FTP server 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the LS command.
|
CWE-22
Path Traversal
|
CVE-2002-2387
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
