2002 CVE Vulnerabilities
2,393 CVEs published in 2002.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2002-1352 | — | — | 1.1% | Sep 17, 2003 | Per Magne Knutsen's CartMan shopping cart (cartman.php) 1.04 and earlier allows remote attackers to modify product price... |
| CVE-2002-1566 | — | — | 3.4% | Aug 27, 2003 | netris 0.5, and possibly other versions before 0.52, when running with the -w (wait) option, allows remote attackers to ... |
| CVE-2002-1155 | — | — | 1.1% | Jun 16, 2003 | Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command l... |
| CVE-2002-1565 | — | — | 3.0% | Jun 16, 2003 | Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation faul... |
| CVE-2002-1462 | — | — | 1.5% | Jun 9, 2003 | details2.php in OrganicPHP PHP-affiliate 1.0, and possibly later versions, allows remote attackers to modify information... |
| CVE-2002-1461 | — | — | 2.4% | Jun 9, 2003 | Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box. |
| CVE-2002-1564 | — | — | 11.7% | Jun 9, 2003 | Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cook... |
| CVE-2002-1459 | — | — | 1.6% | Jun 9, 2003 | Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is off, allows... |
| CVE-2002-1458 | — | — | 1.6% | Jun 9, 2003 | Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is on, allows ... |
| CVE-2002-1460 | — | — | 1.9% | Jun 9, 2003 | L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by... |
| CVE-2002-1455 | — | — | 3.9% | Jun 9, 2003 | Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote attackers to insert script or HTML into we... |
| CVE-2002-1454 | — | — | 1.7% | Jun 9, 2003 | MyWebServer 1.0.2 allows remote attackers to determine the absolute path of the web document root via a request for a di... |
| CVE-2002-1456 | — | — | 11.6% | Jun 9, 2003 | Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to execute arbitrary code via a long $asctime value. |
| CVE-2002-1457 | — | — | 1.2% | Jun 9, 2003 | SQL injection vulnerability in search.php for L-Forum 2.40 allows remote attackers to execute arbitrary SQL statements v... |
| CVE-2002-1463 | — | — | 6.9% | Jun 9, 2003 | Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/120... |
| CVE-2002-1563 | — | — | 0.3% | May 12, 2003 | stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditio... |
| CVE-2002-1562 | — | — | 2.8% | May 12, 2003 | Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote attackers to read arbitrary files... |
| CVE-2002-1465 | — | — | 1.4% | Apr 22, 2003 | SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary SQL code via the tabl... |
| CVE-2002-1464 | — | — | 1.5% | Apr 22, 2003 | Cross-site scripting (XSS) vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or s... |
| CVE-2002-1466 | — | — | 2.7% | Apr 22, 2003 | CafeLog b2 Weblog Tool 2.06pre4, with allow_fopen_url enabled, allows remote attackers to execute arbitrary PHP code via... |
| CVE-2002-1467 | — | — | 1.9% | Apr 22, 2003 | Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary... |
| CVE-2002-1468 | — | — | 4.1% | Apr 22, 2003 | Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root. |
| CVE-2002-1479 | — | — | 0.5% | Apr 22, 2003 | Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions... |
| CVE-2002-1478 | — | — | 2.5% | Apr 22, 2003 | Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode. |
| CVE-2002-1481 | — | — | 7.2% | Apr 22, 2003 | savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a den... |
Check if your code is affected by 2002 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now