CVE List

Id CVE No. Status Description Phase Votes Comments Actions
4883  CVE-2002-0491  Candidate  admin.php in AlGuest 1.0 guestbook checks for the existence of the admin cookie to authenticate the AlGuest administrator, which allows remote attackers to bypass the authentication and gain privileges by setting the admin cookie to an arbitrary value.  Proposed (20020611)  ACCEPT(2) Cole, Frech | NOOP(4) Armstrong, Cox, Foat, Wall    View
4888  CVE-2002-0496  Candidate  The HTTP server for SouthWest Talker server 1.0.0 allows remote attackers to cause a denial of service (server crash) via a malformed URL to port 5002.  Proposed (20020611)  ACCEPT(2) Cole, Frech | NOOP(4) Armstrong, Cox, Foat, Wall    View
4890  CVE-2002-0498  Candidate  Etnus TotalView 5.0.0-4 installs certain files with UID 5039 and GID 59, which could allow local users with that UID or GID to modify the files and gain privileges as other TotalView users.  Proposed (20020611)  ACCEPT(2) Cole, Frech | NOOP(4) Armstrong, Cox, Foat, Wall    View
4895  CVE-2002-0503  Candidate  Directory traversal vulnerability in boilerplate.asp for Citrix NFuse 1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the NFuse_Template parameter.  Proposed (20020611)  ACCEPT(2) Cole, Frech | NOOP(4) Armstrong, Cox, Foat, Wall    View
4896  CVE-2002-0504  Candidate  Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to execute script in other clients via the NFuse_Application parameter to (1) launch.jsp or (2) launch.asp.  Proposed (20020611)  ACCEPT(2) Cole, Frech | NOOP(4) Armstrong, Cox, Foat, Wall    View

Page 20110 of 20943, showing 5 records out of 104715 total, starting on record 100546, ending on 100550

Actions