Total
29755 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1823 | 1 Lonerunner | 1 Zeroo Http Server | 2025-04-03 | N/A |
| Buffer overflow in the HttpGetRequest function in Zeroo HTTP server 1.5 allows remote attackers to execute arbitrary code via a long HTTP request. | ||||
| CVE-2002-1825 | 1 Wasd | 1 Wasd Http Server | 2025-04-03 | N/A |
| Format string vulnerability in PerlRTE_example1.pl in WASD 7.1, 7.2.0 through 7.2.3, and 8.0.0 allows remote attackers to execute arbitrary commands or crash the server via format strings in the $name variable. | ||||
| CVE-2002-1828 | 1 Savant | 1 Savant Webserver | 2025-04-03 | N/A |
| Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value. | ||||
| CVE-2002-1856 | 1 Hp | 1 Application Server | 2025-04-03 | N/A |
| HP Application Server 8.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | ||||
| CVE-2002-1840 | 1 Irssi | 1 Irssi | 2025-04-03 | N/A |
| irssi IRC client 0.8.4, when downloaded after 14-March-2002, could contain a backdoor in the configuration file, which allows remote attackers to access the system. | ||||
| CVE-2002-1842 | 1 Perlbot | 1 Perlbot | 2025-04-03 | N/A |
| Perlbot 1.0 beta allows remote attackers to execute arbitrary commands via shell metacharacters in (1) a word that is being spell checked or (2) an e-mail address. | ||||
| CVE-2002-1843 | 1 Perlbot | 1 Perlbot | 2025-04-03 | N/A |
| Perlbot 1.9.2 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $text variable in SpelCheck.pm or (2) the $filename variable in HTMLPlog.pm. | ||||
| CVE-2002-1846 | 1 Yabb | 1 Yabb | 2025-04-03 | N/A |
| Yet Another Bulletin Board (YaBB) 1.40 and 1.41 does not require a user to submit the correct password before changing it to a new password, which allows remote attackers to modify passwords by stealing the cookie of another user, modifying the expiretime setting, and submitting the change in a profile2 action to index.php. | ||||
| CVE-2002-1870 | 1 Sws | 1 Sws Simple Web Server | 2025-04-03 | N/A |
| Simple Web Server (SWS) 0.0.4 through 0.1.0 does not properly handle when the recv function call fails, which may allow remote attackers to overwrite program data or perform actions on an uninitialized heap, leading to a denial of service and possibly code execution. | ||||
| CVE-2002-1867 | 1 Bizdesign | 1 Imagefolio | 2025-04-03 | N/A |
| The default configuration of BizDesign ImageFolio 2.23 through 2.26 does not control access to (1) admin/setup.cgi, which allows remote attackers to create an administrative account, or (2) admin/nph-build.cgi, which allows remote attackers to cause a denial of service (CPU consumption). | ||||
| CVE-2002-1871 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. | ||||
| CVE-2002-1897 | 1 Mywebserver | 1 Mywebserver | 2025-04-03 | N/A |
| MyWebServer LLC MyWebServer 1.0.2 allows remote attackers to cause a denial of service (crash) via a long HTTP request, possibly triggering a buffer overflow. | ||||
| CVE-2002-1904 | 1 Gaztek | 1 Ghttpd | 2025-04-03 | N/A |
| Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2002-1899 | 1 Icewarp | 1 Web Mail | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in IceWarp Web Mail 3.3.3 and 3.4.5 allows remote attackers to inject arbitrary web script or HTML via the "Full Name" (addressname) parameter. | ||||
| CVE-2002-1900 | 1 Pinboard | 1 Pinboard | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote attackers to inject arbitrary web script or HTML via tasklists. | ||||
| CVE-2002-1902 | 1 Markus Triska | 1 Cgiforum | 2025-04-03 | N/A |
| CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of service (infinite recursion) by creating a message board post that is a child of an outdated parent. | ||||
| CVE-2002-1942 | 1 Imatix | 1 Xitami | 2025-04-03 | N/A |
| Imatix Xitami 2.5 b5 does not properly terminate certain Keep-Alive connections that have been broken or closed early, which allows remote attackers to cause a denial of service (crash) via a large number of concurrent sessions. | ||||
| CVE-2002-1943 | 1 Safetp | 1 Safetp Server | 2025-04-03 | N/A |
| SafeTP 1.46, when network address translation (NAT) is being used, leaks the internal IP address of the FTP server in a response to a passive mode (PASV) file transfer request. | ||||
| CVE-2002-1969 | 1 The Magic Notebook | 1 The Magic Notebook | 2025-04-03 | N/A |
| Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial of service (crash) via an invalid username during login. | ||||
| CVE-2002-1971 | 1 Sourcecraft | 1 Networking Utils | 2025-04-03 | N/A |
| The ping utility in networking_utils.php in Sourcecraft Networking_Utils 1.0 allows remote attackers to read arbitrary files via shell metacharacters in the Domain name or IP address argument. | ||||