CVE List

Id CVE No. Status Description Phase Votes Comments Actions
5459  CVE-2002-1071  Candidate  ZyXEL Prestige 642R allows remote attackers to cause a denial of service in the Telnet, FTP, and DHCP services (crash) via a TCP packet with both the SYN and ACK flags set.  Proposed (20020830)  ACCEPT(1) Frech | NOOP(5) Cole, Cox, Foat, Green, Wall    View
5331  CVE-2002-0943  Candidate  MetaCart2.sql stores the user database under the web document root without access controls, which allows remote attackers to obtain sensitive information such as passwords and credit card numbers via a direct request for metacart.mdb.  Proposed (20020830)  ACCEPT(1) Frech | NOOP(5) Cole, Cox, Foat, Green, Wall  Frech> XF:shopping-cart-database-access(9816)  View
4826  CVE-2002-0434  Candidate  Marcus S. Xenakis directory.php script allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter.  Proposed (20020611)  ACCEPT(1) Frech | NOOP(5) Cole, Cox, Foat, Green, Wall    View
5339  CVE-2002-0951  Candidate  SQL injection vulnerability in Ruslan <Body>Builder allows remote attackers to gain administrative privileges via a ""--" sequence in the username and password.  Proposed (20020830)  ACCEPT(1) Frech | NOOP(5) Cole, Cox, Foat, Green, Wall    View
5343  CVE-2002-0955  Candidate  Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message.  Proposed (20020830)  ACCEPT(1) Frech | NOOP(5) Cole, Cox, Foat, Green, Wall    View

Page 716 of 20943, showing 5 records out of 104715 total, starting on record 3576, ending on 3580

Actions