Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-07-03 | CVE-2002-0560 | Unspecified vulnerability in Oracle products PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to obtain sensitive information via the OWA_UTIL stored procedures (1) OWA_UTIL.signature, (2) OWA_UTIL.listprint, or (3) OWA_UTIL.show_query_columns. | 5.0 |
2002-07-03 | CVE-2002-0558 | Directory Traversal vulnerability in TYPSoft FTP Server Directory traversal vulnerability in TYPSoft FTP server 0.97.1 and earlier allows a remote authenticated user (possibly anonymous) to list arbitrary directories via a .. | 5.0 |
2002-07-03 | CVE-2002-0556 | Unspecified vulnerability in Deep Forest Software Quik-Serv Webserver 1.1B Directory traversal vulnerability in Quik-Serv HTTP server 1.1B allows remote attackers to read arbitrary files via a .. | 5.0 |
2002-07-03 | CVE-2002-0545 | Denial of Service vulnerability in Cisco Aironet Telnet Authentication Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords. | 5.0 |
2002-07-03 | CVE-2002-0543 | Unspecified vulnerability in Aprelium Technologies Abyss web Server 1.0 Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. | 5.0 |
2002-07-03 | CVE-2002-0535 | Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier allows remote attackers to execute script as other users via (1) an [IMG] tag when BBCode is enabled, or (2) in a topic title. | 5.0 |
2002-06-25 | CVE-2002-0381 | The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address. | 5.0 |
2002-06-25 | CVE-2002-0354 | The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property. | 5.0 |
2002-06-25 | CVE-2002-0352 | Information Disclosure vulnerability in Phorum 3.3.2 Phorum 3.3.2 allows remote attackers to determine the email addresses of the 10 most active users via a direct HTTP request to the stats.php program, which does not require authentication. | 5.0 |
2002-06-25 | CVE-2002-0349 | Unspecified vulnerability in Tiny Software Tiny Personal Firewall 2.0.15 Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine to hide activities or bypass access restrictions. | 4.6 |