CVE List
Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
---|---|---|---|---|---|---|---|
4883 | CVE-2002-0491 | Candidate | admin.php in AlGuest 1.0 guestbook checks for the existence of the admin cookie to authenticate the AlGuest administrator, which allows remote attackers to bypass the authentication and gain privileges by setting the admin cookie to an arbitrary value. | Proposed (20020611) | ACCEPT(2) Cole, Frech | NOOP(4) Armstrong, Cox, Foat, Wall | View | |
4888 | CVE-2002-0496 | Candidate | The HTTP server for SouthWest Talker server 1.0.0 allows remote attackers to cause a denial of service (server crash) via a malformed URL to port 5002. | Proposed (20020611) | ACCEPT(2) Cole, Frech | NOOP(4) Armstrong, Cox, Foat, Wall | View | |
4890 | CVE-2002-0498 | Candidate | Etnus TotalView 5.0.0-4 installs certain files with UID 5039 and GID 59, which could allow local users with that UID or GID to modify the files and gain privileges as other TotalView users. | Proposed (20020611) | ACCEPT(2) Cole, Frech | NOOP(4) Armstrong, Cox, Foat, Wall | View | |
4895 | CVE-2002-0503 | Candidate | Directory traversal vulnerability in boilerplate.asp for Citrix NFuse 1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the NFuse_Template parameter. | Proposed (20020611) | ACCEPT(2) Cole, Frech | NOOP(4) Armstrong, Cox, Foat, Wall | View | |
4896 | CVE-2002-0504 | Candidate | Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to execute script in other clients via the NFuse_Application parameter to (1) launch.jsp or (2) launch.asp. | Proposed (20020611) | ACCEPT(2) Cole, Frech | NOOP(4) Armstrong, Cox, Foat, Wall | View |
Page 20110 of 20943, showing 5 records out of 104715 total, starting on record 100546, ending on 100550