Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29911 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0556 1 Deep Forest Software 1 Quik-serv Webserver 2026-06-16 5.0 MEDIUM N/A
Directory traversal vulnerability in Quik-Serv HTTP server 1.1B allows remote attackers to read arbitrary files via a .. (dot dot) in a URL.
CVE-2002-0555 1 Ibm 1 Informix Web Datablade 2026-06-16 7.5 HIGH N/A
IBM Informix Web DataBlade 4.12 unescapes user input even if an application has escaped it, which could allow remote attackers to execute SQL code in a web form even when the developer has attempted to escape it.
CVE-2002-0554 1 Ibm 1 Informix Web Datablade 2026-06-16 7.5 HIGH N/A
webdriver in IBM Informix Web DataBlade 4.12 allows remote attackers to bypass user access levels or read arbitrary files via a SQL injection attack in an HTTP request.
CVE-2002-0553 1 Turnkey Solutions 1 Sunshop Shopping Cart 2026-06-16 7.5 HIGH N/A
Cross-site scripting vulnerability in SunShop 2.5 and earlier allows remote attackers to gain administrative privileges to SunShop by injecting the script into fields during new customer registration.
CVE-2002-0552 1 Melange 1 Melange Chat System 2026-06-16 7.5 HIGH N/A
Multiple buffer overflows in Melange Chat server 2.02 allow remote or local attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long argument in the /yell command, (2) long lines in the /etc/melange.conf configuration file, (3) long file names, or possibly other attacks.
CVE-2002-0551 1 Gcf 1 Dynamic Guestbook 2026-06-16 7.5 HIGH N/A
Cross-site scripting vulnerability in Dynamic Guestbook 3.0 allows remote attackers to execute code in clients who access guestbook pages via the parameters (1) name, (2) mail, or (3) kommentar.
CVE-2002-0550 1 Gcf 1 Dynamic Guestbook 2026-06-16 7.5 HIGH N/A
Dynamic Guestbook 3.0 allows remote attackers to execute arbitrary code via shell metacharacters in the gbdaten parameter.
CVE-2002-0549 1 Anthill 1 Anthill 2026-06-16 7.5 HIGH N/A
Cross-site scripting vulnerabilities in Anthill allow remote attackers to execute script as other Anthill users.
CVE-2002-0548 1 Anthill 1 Anthill 2026-06-16 7.5 HIGH N/A
Anthill allows remote attackers to bypass authentication and file bug reports by directly accessing the postbug.php program instead of enterbug.php.
CVE-2002-0547 1 Nullsoft 1 Winamp 2026-06-16 7.5 HIGH N/A
Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag.
CVE-2002-0546 1 Nullsoft 1 Winamp 2026-06-16 7.5 HIGH N/A
Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file.
CVE-2002-0545 1 Cisco 2 Aironet Ap340, Aironet Ap350 2026-06-16 5.0 MEDIUM N/A
Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords.
CVE-2002-0544 1 Aprelium Technologies 1 Abyss Web Server 2026-06-16 7.2 HIGH N/A
Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges.
CVE-2002-0543 1 Aprelium Technologies 1 Abyss Web Server 2026-06-16 5.0 MEDIUM N/A
Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. (dot dot) sequences in the HTTP request.
CVE-2002-0542 1 Openbsd 1 Openbsd 2026-06-16 7.2 HIGH N/A
mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.
CVE-2002-0541 1 Ibm 1 Tivoli Storage Manager 2026-06-16 7.5 HIGH N/A
Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581.
CVE-2002-0540 1 Nortel 1 Cvx 1800 Multi-service Access Switch 2026-06-16 7.5 HIGH N/A
Nortel CVX 1800 is installed with a default "public" community string, which allows remote attackers to read usernames and passwords and modify the CVX configuration.
CVE-2002-0539 1 Demarc Security 1 Puresecure 2026-06-16 10.0 HIGH N/A
Demarc PureSecure 1.05 allows remote attackers to gain administrative privileges via a SQL injection attack in a session ID that is stored in the s_key cookie.
CVE-2002-0538 1 Symantec 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more 2026-06-16 7.5 HIGH N/A
FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability.
CVE-2002-0537 1 Stepweb 1 Sws 2026-06-16 10.0 HIGH N/A
The admin.html file in StepWeb Search Engine (SWS) 2.5 stores passwords in links to manager.pl, which allows remote attackers who can access the admin.html file to gain administrative privileges to SWS.