CVE List
Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
---|---|---|---|---|---|---|---|
5459 | CVE-2002-1071 | Candidate | ZyXEL Prestige 642R allows remote attackers to cause a denial of service in the Telnet, FTP, and DHCP services (crash) via a TCP packet with both the SYN and ACK flags set. | Proposed (20020830) | ACCEPT(1) Frech | NOOP(5) Cole, Cox, Foat, Green, Wall | View | |
5331 | CVE-2002-0943 | Candidate | MetaCart2.sql stores the user database under the web document root without access controls, which allows remote attackers to obtain sensitive information such as passwords and credit card numbers via a direct request for metacart.mdb. | Proposed (20020830) | ACCEPT(1) Frech | NOOP(5) Cole, Cox, Foat, Green, Wall | Frech> XF:shopping-cart-database-access(9816) | View |
4826 | CVE-2002-0434 | Candidate | Marcus S. Xenakis directory.php script allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter. | Proposed (20020611) | ACCEPT(1) Frech | NOOP(5) Cole, Cox, Foat, Green, Wall | View | |
5339 | CVE-2002-0951 | Candidate | SQL injection vulnerability in Ruslan <Body>Builder allows remote attackers to gain administrative privileges via a ""--" sequence in the username and password. | Proposed (20020830) | ACCEPT(1) Frech | NOOP(5) Cole, Cox, Foat, Green, Wall | View | |
5343 | CVE-2002-0955 | Candidate | Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message. | Proposed (20020830) | ACCEPT(1) Frech | NOOP(5) Cole, Cox, Foat, Green, Wall | View |
Page 716 of 20943, showing 5 records out of 104715 total, starting on record 3576, ending on 3580