Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2002-07-03 CVE-2002-0557 Unspecified vulnerability in Openbsd 3.0
Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes (1) rexec or (2) rsh to run another user's shell, or (3) atrun to change to a different user's directory, possibly due to memory allocation failures or an incorrect call to auth_approval().
network
low complexity
openbsd
7.5
2002-07-03 CVE-2002-0555 Unspecified vulnerability in IBM Informix web Datablade
IBM Informix Web DataBlade 4.12 unescapes user input even if an application has escaped it, which could allow remote attackers to execute SQL code in a web form even when the developer has attempted to escape it.
network
low complexity
ibm
7.5
2002-07-03 CVE-2002-0554 SQL Injection vulnerability in IBM Informix web Datablade 4.10/4.11/4.12
webdriver in IBM Informix Web DataBlade 4.12 allows remote attackers to bypass user access levels or read arbitrary files via a SQL injection attack in an HTTP request.
network
low complexity
ibm
7.5
2002-07-03 CVE-2002-0553 Unspecified vulnerability in Turnkey Solutions Sunshop Shopping Cart
Cross-site scripting vulnerability in SunShop 2.5 and earlier allows remote attackers to gain administrative privileges to SunShop by injecting the script into fields during new customer registration.
network
low complexity
turnkey-solutions
7.5
2002-07-03 CVE-2002-0552 Remote Buffer Overflow vulnerability in Melange Chat System 2.0.2Beta2
Multiple buffer overflows in Melange Chat server 2.02 allow remote or local attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long argument in the /yell command, (2) long lines in the /etc/melange.conf configuration file, (3) long file names, or possibly other attacks.
network
low complexity
melange
7.5
2002-07-03 CVE-2002-0551 Unspecified vulnerability in GCF Dynamic Guestbook 3.0
Cross-site scripting vulnerability in Dynamic Guestbook 3.0 allows remote attackers to execute code in clients who access guestbook pages via the parameters (1) name, (2) mail, or (3) kommentar.
network
low complexity
gcf
7.5
2002-07-03 CVE-2002-0550 Remote Command Execution vulnerability in GCF Dynamic Guestbook 3.0
Dynamic Guestbook 3.0 allows remote attackers to execute arbitrary code via shell metacharacters in the gbdaten parameter.
network
low complexity
gcf
7.5
2002-07-03 CVE-2002-0549 Unspecified vulnerability in Anthill
Cross-site scripting vulnerabilities in Anthill allow remote attackers to execute script as other Anthill users.
network
low complexity
anthill
7.5
2002-07-03 CVE-2002-0548 Authentication Bypass vulnerability in Anthill postbug.php
Anthill allows remote attackers to bypass authentication and file bug reports by directly accessing the postbug.php program instead of enterbug.php.
network
low complexity
anthill
7.5
2002-07-03 CVE-2002-0547 Buffer Overflow vulnerability in Nullsoft Winamp Minibrowser ID3v2
Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag.
network
low complexity
nullsoft
7.5