Total
29908 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1735 | 1 Davin Mccall | 1 Dlogin | 2026-06-16 | 7.2 HIGH | N/A |
| Buffer overflow in dlogin 1.0a could allow local users to gain privileges via unknown attack vectors. | |||||
| CVE-2002-1734 | 1 Aspbin | 1 Newspro | 2026-06-16 | 10.0 HIGH | N/A |
| NewsPro 1.01 allows remote attackers to gain unauthorized administrator access by setting their authentication cookie to "logged,true". | |||||
| CVE-2002-1733 | 1 Prospero Technologies | 1 Prospero Message Board | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web-based message board in Prospero Technologies allows remote attackers to inject arbitrary web script or HTML via a message board post. | |||||
| CVE-2002-1732 | 1 Actinic | 1 Actinic Catalog | 2026-06-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Actinic Catalog 4.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string argument to certain .pl files, (2) the REFPAGE parameter to ca000007.pl, (3) PRODREF parameter to ss000007.pl, or (4) hop parameter to ca000001.pl. | |||||
| CVE-2002-1731 | 1 Ibm | 1 Os 400 | 2026-06-16 | 2.1 LOW | N/A |
| The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF. | |||||
| CVE-2002-1730 | 1 Aspjar | 1 Aspjar Guestbook | 2026-06-16 | 5.0 MEDIUM | N/A |
| ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true". | |||||
| CVE-2002-1729 | 1 Aspjar | 1 Aspjar Guestbook | 2026-06-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message. | |||||
| CVE-2002-1728 | 1 Asksam Systems | 1 Asksam Web Publisher | 2026-06-16 | 5.0 MEDIUM | N/A |
| askSam Web Publisher 1.0 and 4.0 allows remote attackers to determine the full path to the web root directory via a request for a file that does not exist, which generates an error message that reveals the full path. | |||||
| CVE-2002-1727 | 1 Asksam Systems | 1 Asksam Web Publisher | 2026-06-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in (1) as_web.exe and (2) as_web4.exe in askSam Web Publisher 1 and 4 allows remote attackers to execute arbitrary script as other users via a URL. | |||||
| CVE-2002-1726 | 1 Brokenbytes | 1 Photodb | 2026-06-16 | 7.5 HIGH | N/A |
| secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page. | |||||
| CVE-2002-1725 | 1 Onlinetools.org | 1 Phpimageview | 2026-06-16 | 5.0 MEDIUM | N/A |
| phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain sensitive information via the pw=show option, which invokes the phpinfo function. | |||||
| CVE-2002-1724 | 1 Onlinetools.org | 1 Phpimageview | 2026-06-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in phpimageview.php for PHPImageView 1.0 allows remote attackers to execute arbitrary script as other users via the pic parameter. | |||||
| CVE-2002-1723 | 1 Powerboards | 1 Powerboards | 2026-06-16 | 5.0 MEDIUM | N/A |
| Powerboards 2.2b allows remote attackers to view the full path to the backend database by sending a cookie containing a non-existent username to profiles.php, which displays the full path in the error message. | |||||
| CVE-2002-1722 | 1 Logitech | 3 Cordless Freedom Itouch Keyboard, Cordless Itouch Keyboard, Itouch Keyboard | 2026-06-16 | 4.6 MEDIUM | N/A |
| Logitech iTouch keyboards allows attackers with physical access to the system to bypass the screen locking function and execute user-defined commands that have been assigned to a button. | |||||
| CVE-2002-1720 | 1 Outfront | 1 Spooky Login | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows remote attackers to bypass authentication and gain privileges via the password field. | |||||
| CVE-2002-1719 | 1 Bavo | 1 Bavo | 2026-06-16 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Bavo 0.3 allows remote attackers to modify posted messages. | |||||
| CVE-2002-1715 | 1 Ssh | 2 Ssh, Ssh2 | 2026-06-16 | 7.2 HIGH | N/A |
| SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access. | |||||
| CVE-2002-1714 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-06-16 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion. | |||||
| CVE-2002-1712 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-06-16 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3. | |||||
| CVE-2002-1711 | 1 Basilix | 1 Basilix Webmail | 2026-06-16 | 2.1 LOW | N/A |
| BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX directory, which allows local users to read other users' attachments. | |||||