Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-05-29 | CVE-2002-0264 | Unspecified vulnerability in Cooolsoft Powerftp 2.03/2.10 PowerFTP Personal FTP Server 2.03 through 2.10 stores sensitive account information in plaintext in the ftpserver.ini file, which allows attackers with access to the file to gain privileges. | 7.5 |
| 2002-05-29 | CVE-2002-0263 | Remote Buffer Overflow vulnerability in Ezne.Net Ezboard 2000 1.27 Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote attackers to execute arbitrary code via a long boundary value in a multipart Content-Type header to (1) ezboard.cgi, (2) ezman.cgi, or (3) ezadmin.cgi. | 7.5 |
| 2002-05-29 | CVE-2002-0261 | Directory Traversal vulnerability in InstantServers MiniPortal Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 and earlier allows remote authenticated users to read arbitrary files via a ... | 7.5 |
| 2002-05-29 | CVE-2002-0260 | Remote Buffer Overlow vulnerability in InstantServers MiniPortal FTP Login Buffer overflow in InstantServers MiniPortal 1.1.5 and earlier allows remote attackers to execute arbitrary code via a long login name, which is not properly handled by the logging utility. | 7.5 |
| 2002-05-29 | CVE-2002-0258 | Merak Mail IceWarp Web Mail uses a static identifier as a user session ID that does not change across sessions, which could allow remote attackers with access to the ID to gain privileges as that user, e.g. | 7.5 |
| 2002-05-29 | CVE-2002-0257 | Cross-site scripting vulnerability in auction.pl of MakeBid Auction Deluxe 3.30 allows remote attackers to obtain information from other users via the form fields (1) TITLE, (2) DESCTIT, (3) DESC, (4) searchstring, (5) ALIAS, (6) EMAIL, (7) ADDRESS1, (8) ADDRESS2, (9) ADDRESS3, (10) PHONE1, (11) PHONE2, (12) PHONE3, or (13) PHONE4. | 7.5 |
| 2002-05-29 | CVE-2002-0252 | Remote Buffer Overflow vulnerability in Apple QuickTime Content-Type Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header. | 7.5 |
| 2002-05-29 | CVE-2002-0251 | Denial Of Service vulnerability in LICQ Format String Buffer overflow in licq 1.0.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string of format string characters such as "%d". | 7.5 |
| 2002-05-29 | CVE-2002-0250 | Authentication Bypass vulnerability in HP AdvanceStack Switch Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password. | 7.5 |
| 2002-05-29 | CVE-2002-0248 | Unspecified vulnerability in Wliang Wmtv wmtv 0.6.5 and earlier allows local users to modify arbitrary files via a symlink attack on a configuration file. | 7.2 |