Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-12-31 | CVE-2002-2287 | Code Injection vulnerability in PHPbb Advanced Quick Reply Hack 1.0.0/1.1.0 PHP remote file inclusion vulnerability in quick_reply.php for phpBB Advanced Quick Reply Hack 1.0.0 and 1.1.0 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter. | 7.5 |
2002-12-31 | CVE-2002-2277 | SQL Injection vulnerability in Portail web PHP Portail web PHP 0.99 SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin variables. | 7.5 |
2002-12-31 | CVE-2002-2272 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apache Http Server and Tomcat Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values. | 7.8 |
2002-12-31 | CVE-2002-2267 | Unspecified vulnerability in Bogofilter Bogopass Email Filter 0.9.0.4 bogopass in bogofilter 0.9.0.4 allows local users to overwrite arbitrary files via a symlink attack on the bogopass temporary file. | 7.2 |
2002-12-31 | CVE-2002-2261 | Permissions, Privileges, and Access Controls vulnerability in Sendmail Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'check_relay' function by spoofing a blank DNS hostname. | 7.5 |
2002-12-31 | CVE-2002-2259 | Buffer Errors vulnerability in Gnuplot 3.7 Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors. | 7.2 |
2002-12-31 | CVE-2002-2252 | SQL Injection vulnerability in Atthat.Com Thatware SQL injection vulnerability in auth.inc.php in Thatware 0.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via a base64-encoded user parameter. | 7.5 |
2002-12-31 | CVE-2002-2249 | Code Injection vulnerability in PHP Evolution News Evolution 1.0/2.0 PHP remote file inclusion vulnerability in News Evolution 2.0 allows remote attackers to execute arbitrary PHP commands via the neurl parameter to (1) backend.php, (2) screen.php, or (3) admin/modules/comment.php. | 7.5 |
2002-12-31 | CVE-2002-2239 | Improper Input Validation vulnerability in Cisco IOS 12.1E The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet. | 7.8 |
2002-12-31 | CVE-2002-2233 | Path Traversal vulnerability in Mollensoft Software Enceladus Server Suite 3.9 Directory traversal vulnerability in Enceladus Server Suite 3.9 allows remote attackers to list arbitrary directories and possibly cause a denial of service via "@" (at) characters in a CD (CWD) command, such as (1) "@/....\", (2) "@@@/..c:\", or (3) "@/..@/..". | 8.3 |