Search Results (363285 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0293 1 Alcatel-lucent 1 Omnipcx 2026-04-16 N/A
FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file.
CVE-2002-0299 1 Cnet 1 Catchup 2026-04-16 N/A
CNet CatchUp before 1.3.1 allows attackers to execute arbitrary code via a .RVP file that creates a file with an arbitrary extension (such as .BAT), which is executed during a scan.
CVE-2004-0262 1 The Palace 1 The Palace Client 2026-04-16 N/A
Stack-based buffer overflow in The Palace 3.5 and earlier client allows remote attackers to execute arbitrary code via a link to a palace:// url followed by a long server address string.
CVE-2002-0304 1 Summit Computer Networks 1 Lil Http Server 2026-04-16 N/A
Lil HTTP Server 2.1 allows remote attackers to read password-protected files via a /./ in the HTTP request.
CVE-2004-0264 2 Jim Rees, Shaun2k2 2 Jim Rees Httpd, Palmhttpd 2026-04-16 N/A
palmhttpd for PalmOS allows remote attackers to cause a denial of service (crash) by establishing two simultaneous HTTP connections, which exceeds the PalmOS accept queue.
CVE-2006-0419 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 through SP6 allows anonymous binds to the embedded LDAP server, which allows remote attackers to read user entries or cause a denial of service (unspecified) via a large number of connections.
CVE-2002-0305 1 Zero One Tech 1 P100s 2026-04-16 N/A
Zero One Tech (ZOT) P100s print server does not properly disable the SNMP service or change the default password, which could leave the server open to attack without the administrator's knowledge.
CVE-2006-0422 1 Bea 1 Weblogic Server 2026-04-16 N/A
Multiple unspecified vulnerabilities in BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allow remote attackers to access MBean attributes or cause an unspecified denial of service via unknown attack vectors.
CVE-2002-0310 1 Netwin 1 Webnews 2026-04-16 N/A
Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879.
CVE-2002-0312 1 Essen 1 Essentia Web Server 2026-04-16 N/A
Directory traversal vulnerability in Essentia Web Server 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL.
CVE-2002-0315 3 Fasttrack, Grokster, Music City Networks 3 Kazaa, Grokster, Morpheus 2026-04-16 N/A
fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus allows remote attackers to spoof other users by modifying the username and network information in the message header.
CVE-2002-0316 1 Xmb Software 1 Xmb Forum 2026-04-16 N/A
Cross-site scripting vulnerability in eXtreme message board (XMB) 1.6x and earlier allows remote attackers to execute script as other XMB users by inserting the script into an IMG tag.
CVE-2002-0318 1 Freeradius 1 Freeradius 2026-04-16 N/A
FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets.
CVE-2002-0323 1 Nombas 1 Scriptease Webserver 2026-04-16 N/A
comment2.jse in ScriptEase:WebServer allows remote attackers to read arbitrary files by specifying the target file as an argument in the URL.
CVE-2004-0266 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
SQL injection vulnerability in the "public message" capability (public_message) for Php-Nuke 6.x to 7.1.0 allows remote attackers to obtain the administrator password via the c_mid parameter.
CVE-2002-0324 1 Noah Gray 1 Graymatter 2026-04-16 N/A
Greymatter 1.21c and earlier with the Bookmarklet feature enabled allows remote attackers to read a cleartext password and gain administrative privileges by guessing the name of a gmrightclick-*.reg file which contains the administrator name and password in cleartext, then retrieving the file from the web server before the Greymatter administrator performs a "Clear And Exit" action.
CVE-2002-0326 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
Cross-site scripting vulnerability in BadBlue before 1.6.1 beta allows remote attackers to execute arbitrary script and possibly additional commands via a URL that contains Javascript.
CVE-2002-0328 1 Ikonboard.com 1 Ikonboard 2026-04-16 N/A
Cross-site scripting vulnerability in Ikonboard 3.0.1 allows remote attackers to execute arbitrary script as other Ikonboard users and steal cookies via Javascript in an IMG tag.
CVE-2006-0428 1 Oracle 1 Weblogic Portal 2026-04-16 N/A
Unspecified vulnerability in BEA WebLogic Portal 8.1 SP3 through SP5, when using Web Services Remote Portlets (WSRP), allows remote attackers to access restricted web resources via crafted URLs.
CVE-2002-0330 1 Openbb 1 Openbb 2026-04-16 N/A
Cross-site scripting vulnerability in codeparse.php of Open Bulletin Board (OpenBB) 1.0.0 allows remote attackers to execute arbitrary script and steal cookies via Javascript in the IMG tag.