Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-06-18 | CVE-2002-0613 | Authentication Bypass vulnerability in Dnstools Software Dnstools 2.0Beta3/2.0Beta4 dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user_logged_in or user_dnstools_administrator parameters. | 10.0 |
| 2002-06-18 | CVE-2002-0599 | Authentication Bypass vulnerability in Blahz-Dns 0.2 Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen. | 10.0 |
| 2002-05-31 | CVE-2002-0311 | Unspecified vulnerability in Caldera Openunix and Unixware Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows local and possibly remote attackers to gain root privileges via shell metacharacters in the -c argument for (1) in scoadminreg.cgi or (2) service_action.cgi. | 10.0 |
| 2002-05-31 | CVE-2002-0308 | Remote SQL Injection vulnerability in Stefan Holmberg Admentor 2.11 admin.asp in AdMentor 2.11 allows remote attackers to bypass authentication and gain privileges via a SQL injection attack on the Login and Password arguments. | 10.0 |
| 2002-05-31 | CVE-2002-0287 | SQL Injection User Authentication vulnerability in Powie's PForum pforum 1.14 and earlier does not explicitly enable PHP magic quotes, which allows remote attackers to bypass authentication and gain administrator privileges via an SQL injection attack when the PHP server is not configured to use magic quotes by default. | 10.0 |
| 2002-05-31 | CVE-2002-0272 | Buffer Overflow vulnerability in Mpg321 0.2.2/0.2.3/0.2.9 Buffer overflows in mpg321 before 0.2.9 allows local and possibly remote attackers to execute arbitrary code via a long URL to (1) a command line option, (2) an HTTP request, or (3) an FTP request. | 10.0 |
| 2002-05-29 | CVE-2002-0267 | Unspecified vulnerability in Sips preferences.php in Simple Internet Publishing System (SIPS) before 0.3.1 allows remote attackers to gain administrative privileges via a linebreak in the "theme" field followed by the Status::admin command, which causes the Status line to be entered into the password file. | 10.0 |
| 2002-05-29 | CVE-2002-0255 | Unspecified vulnerability in Arescom Netdsl 800U The default configuration of Arescom NetDSL 800 does not require authentication, which allows remote attackers to cause a denial of service or reconfigure the router. | 10.0 |
| 2002-05-29 | CVE-2002-0033 | Heap Overflow vulnerability in Solaris cachefsd Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name. | 10.0 |
| 2002-05-27 | CVE-2002-1641 | Remotely Exploitable Buffer Overflow vulnerability in Oracle Web Cache Multiple buffer overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS) allow remote attackers to execute arbitrary code via unknown vectors. | 10.0 |