Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1678 1 Jelsoft 1 Vbulletin 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in memberlist.php in Jelsoft vBulletin 2.0 rc 2 through 2.2.4 allows remote attackers to steal authentication credentials by injecting script into $letterbits.
CVE-2002-1679 1 Jelsoft 1 Vbulletin 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 2.2.0 allows remote attackers to execute arbitrary script as other users by injecting script into a bulletin board message.
CVE-2002-1680 1 Cows 1 Cgi Online Worldweb Shopping 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in CGI Online Worldweb Shopping 1.1 (a.k.a. COWS) allows remote attackers to execute arbitrary script as other users by injecting script into (1) diagnose.cgi or (2) compatible.cgi.
CVE-2002-1681 1 Open Source Development Network 1 Slashcode 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote attackers to execute arbitrary script as other users by injecting script into the paragraph <P> tag.
CVE-2002-1691 1 Alcatel-lucent 1 Omnipcx 2026-04-16 N/A
Alcatel OmniPCX 4400 installs known user accounts and passwords in the /etc/password file by default, which allows remote attackers to gain unauthorized access.
CVE-2002-1686 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in lscfg of unknown versions of AIX has unknown impact.
CVE-2002-1702 1 Deltascripts 1 Php Classifieds 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter.
CVE-2002-1703 1 Mewsoft 1 Netauction 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in auction.cgi for Mewsoft NetAuction 3.0 allows remote attackers to execute arbitrary script as other users via the Term parameter.
CVE-2002-1709 1 Basilix 1 Basilix Webmail 2026-04-16 N/A
SQL injection vulnerability in BasiliX Webmail 1.10 allows remote attackers to obtain sensitive information or possibly modify data via the id variable.
CVE-2002-1710 1 Basilix 1 Basilix Webmail 2026-04-16 N/A
The attachment capability in Compose Mail in BasiliX Webmail 1.1.0 does not check whether the attachment was uploaded by the user or came from a HTTP POST, which could allow local users to steal sensitive information like a password file.
CVE-2002-1711 1 Basilix 1 Basilix Webmail 2026-04-16 N/A
BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX directory, which allows local users to read other users' attachments.
CVE-2002-1720 1 Outfront 1 Spooky Login 2026-04-16 N/A
SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows remote attackers to bypass authentication and gain privileges via the password field.
CVE-2002-1719 1 Bavo 1 Bavo 2026-04-16 N/A
Unknown vulnerability in Bavo 0.3 allows remote attackers to modify posted messages.
CVE-2002-1721 1 Pldaniels 1 Altermime 2026-04-16 7.5 High
Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attackers to cause a denial of service (crash) via an x-header that causes snprintf overwrite the FFGET_FILE variable with a (null) byte.
CVE-2002-1729 1 Aspjar 1 Aspjar Guestbook 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message.
CVE-2006-4280 1 Mambo 1 Anjel Component 2026-04-16 N/A
PHP remote file inclusion vulnerability in anjel.index.php in ANJEL (formerly MaMML) Component (com_anjel) for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: this issue has been disputed by a third party, who says that $mosConfig_absolute_path is set in a configuration file
CVE-2002-1728 1 Asksam Systems 1 Asksam Web Publisher 2026-04-16 N/A
askSam Web Publisher 1.0 and 4.0 allows remote attackers to determine the full path to the web root directory via a request for a file that does not exist, which generates an error message that reveals the full path.
CVE-2002-1752 1 Cgiscript 1 Cschat-r-box 2026-04-16 N/A
csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
CVE-2002-1751 1 Cgiscript.net 1 Cslivesupport 2026-04-16 N/A
csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
CVE-2005-3702 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name.