Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-06-25 | CVE-2002-0324 | Unspecified vulnerability in Noah Gray Graymatter Greymatter 1.21c and earlier with the Bookmarklet feature enabled allows remote attackers to read a cleartext password and gain administrative privileges by guessing the name of a gmrightclick-*.reg file which contains the administrator name and password in cleartext, then retrieving the file from the web server before the Greymatter administrator performs a "Clear And Exit" action. | 7.5 |
2002-06-25 | CVE-2002-0322 | Unspecified vulnerability in Yahoo Messenger 4.0 Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via sniffing. | 7.5 |
2002-06-25 | CVE-2002-0320 | Field Overflow vulnerability in Yahoo Messenger 5.0 Buffer overflow in Yahoo! Messenger 5.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) message or (2) IMvironment field. | 7.5 |
2002-06-25 | CVE-2002-0319 | Cross-Site Scripting vulnerability in Powie PForum Username Cross-site scripting vulnerability in edituser.php for pforum 1.14 and earlier allows remote attackers to execute script and steal cookies from other users via Javascript in a username. | 7.5 |
2002-06-25 | CVE-2002-0317 | Unspecified vulnerability in Gator 3.0.6.1 Gator ActiveX component (IEGator.dll) 3.0.6.1 allows remote web sites to install arbitrary software by specifying a Trojan Gator installation file (setup.ex_) in the src parameter. | 7.5 |
2002-06-25 | CVE-2002-0316 | Unspecified vulnerability in XMB Software XMB Forum 1.6Prebeta Cross-site scripting vulnerability in eXtreme message board (XMB) 1.6x and earlier allows remote attackers to execute script as other XMB users by inserting the script into an IMG tag. | 7.5 |
2002-06-25 | CVE-2002-0315 | fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus allows remote attackers to spoof other users by modifying the username and network information in the message header. | 7.5 |
2002-06-25 | CVE-2002-0313 | Buffer Overflow vulnerability in Essen Essentia web Server 2.1 Buffer overflow in Essentia Web Server 2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long URL. | 7.5 |
2002-06-25 | CVE-2002-0006 | Remote IRC Command Execution vulnerability in X-Chat CTCP Ping Arbitrary XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set. | 7.5 |
2002-06-18 | CVE-2002-0612 | Unspecified vulnerability in Craig Patchett Fileseek FileSeek.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) head or (2) foot parameters. | 7.5 |