Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-06-18 | CVE-2002-0590 | Unspecified vulnerability in Icredibb 1.1Beta Cross-site scripting (CSS) vulnerability in IcrediBB 1.1 Beta allows remote attackers to execute arbitrary script and steal cookies as other IcrediBB users via the (1) title or (2) body of posts. | 7.5 |
| 2002-06-18 | CVE-2002-0589 | Unspecified vulnerability in Steve Korbett Pvote PVote before 1.9 allows remote attackers to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password. | 7.5 |
| 2002-06-18 | CVE-2002-0587 | Denial-Of-Service vulnerability in Aol Server Buffer overflow in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters. | 7.5 |
| 2002-06-18 | CVE-2002-0586 | Unspecified vulnerability in AOL Server Format string vulnerability in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters. | 7.5 |
| 2002-06-18 | CVE-2002-0581 | SQL Injection vulnerability in Workforceroi Xpede 4.1 WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script. | 7.5 |
| 2002-06-18 | CVE-2002-0580 | Information Disclosure vulnerability in Workforceroi Xpede 4.1 WorkforceROI Xpede 4.1 allows remote attackers to obtain the database username via a request to datasource.asp, which leaks the username in a form and allows the attacker to more easily conduct brute force password guessing attacks. | 7.5 |
| 2002-06-18 | CVE-2002-0579 | Unspecified vulnerability in Workforceroi Xpede 4.1 WorkforceROI Xpede 4.1 allows remote attackers to gain privileges as an Xpede administrator via a direct HTTP request to the /admin/adminproc.asp script, which does not prompt for a password. | 7.5 |
| 2002-06-18 | CVE-2002-0578 | Unspecified vulnerability in ACI 4D Webserver 6.5.7 Buffer overflow in 4D WebServer 6.7.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP request with Basic Authentication containing a long (1) user name or (2) password. | 7.5 |
| 2002-06-18 | CVE-2002-0575 | Buffer Overflow vulnerability in OpenSSH Kerberos 4 TGT/AFS Token Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privileges. | 7.5 |
| 2002-06-18 | CVE-2002-0401 | NULL Pointer Dereference vulnerability in multiple products SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer. | 7.5 |