CVE List

Id CVE No. Status Description Phase Votes Comments Actions
4862  CVE-2002-0470  Candidate  PHPNetToolpack 0.1 relies on its environment"s PATH to find and execute the traceroute program, which could allow local users to gain privileges by inserting a Trojan horse program into the search path.  Modified (20080918)  ACCEPT(1) Frech | NOOP(5) Cole, Cox, Foat, Green, Wall    View
4863  CVE-2002-0471  Candidate  PHPNetToolpack 0.1 allows remote attackers to execute arbitrary code via shell metacharacters in the a_query variable.  Modified (20080918)  ACCEPT(1) Frech | NOOP(5) Cole, Cox, Foat, Green, Wall    View
4825  CVE-2002-0433  Candidate  Pi3Web 2.0.0 allows remote attackers to view restricted files via an HTTP request containing a "*" (wildcard or asterisk) character.  Proposed (20020611)  ACCEPT(1) Frech | NOOP(5) Cole, Cox, Foat, Green, Wall | REVIEWING(1) Christey  Christey> The Pi3Web author, Holger Zimmermann, sent an email on | 20041125 disputing this claim. Therefore, this candidate may need to | be REJECTed.  View
4000  CVE-2001-1196  Candidate  Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a ".." (dot dot) in the argument.  Proposed (20020315)  ACCEPT(1) Frech | NOOP(5) Cole, Foat, Green, Wall, Ziese  Green> SINCE ROOT PRIVILEGES ARE REQUIRED TO USE THE TOOL, WHAT FURTHER | ESCALATION OF PRIVILEGE CAN OBTAINED?  View
4006  CVE-2001-1202  Candidate  Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error.  Proposed (20020315)  ACCEPT(1) Frech | NOOP(5) Cole, Foat, Green, Wall, Ziese  Green> Change history at the DeleGate is not specific enough to determine if | the java scripting problem has been addressed.  View

Page 717 of 20943, showing 5 records out of 104715 total, starting on record 3581, ending on 3585

Actions