2002 CVE Vulnerabilities

2,393 CVEs published in 2002.

| CVE ID | Severity | CVSS | Description |
|---|---|---|---|
| CVE-2002-2310 | | | ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on serv... |
| CVE-2002-2383 | | | SQL injection vulnerability in f2html.pl 0.1 through 0.4 allows remote attackers to execute arbitrary SQL commands via f... |
| CVE-2002-2419 | | | Direct connect text client (DCTC) client 0.83.3 allows remote attackers to cause a denial of service (crash) via a strin... |
| CVE-2002-1859 | | | Orion Application Server 1.5.3, when running on Windows, allows remote attackers to retrieve files in the WEB-INF direct... |
| CVE-2002-1860 | | | Pramati Server 3.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which c... |
| CVE-2002-2165 | | | The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous login session in an e... |
| CVE-2002-1861 | | | Sybase Enterprise Application Server 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-... |
| CVE-2002-1862 | | | SmartMail Server 2.0 allows remote attackers to cause a denial of service (crash) by sending data and closing the connec... |
| CVE-2002-2166 | | | Cross-site scripting (XSS) vulnerability in FuseTalk 2.0 and 3.0 allows remote attackers to insert arbitrary HTML and we... |
| CVE-2002-2311 | | | Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users... |
| CVE-2002-1863 | | | Iomega Network Attached Storage (NAS) A300U, and possibly other models, does not allow the FTP service to be disabled, w... |
| CVE-2002-1864 | | | Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitra... |
| CVE-2002-2167 | | | Directory traversal vulnerability in function_foot_1.inc.php for Thorsten Korner 123tkShop before 0.3.1 allows remote at... |
| CVE-2002-1865 | | | Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (... |
| CVE-2002-1866 | | | Simple Web Server (SWS) 0.0.4 through 0.1.0 does not close file descriptors for 404 error messages, which could allow re... |
| CVE-2002-2168 | | | SQL injection vulnerability in Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to execute arbitrary SQL q... |
| CVE-2002-2312 | | | Opera 6.0.1 allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaSc... |
| CVE-2002-2384 | | | hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2 registry key, which allows loc... |
| CVE-2002-1867 | | | The default configuration of BizDesign ImageFolio 2.23 through 2.26 does not control access to (1) admin/setup.cgi, whic... |
| CVE-2002-1868 | | | Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell commands via certain form fields. |
| CVE-2002-2169 | | | Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote attackers... |
| CVE-2002-1870 | | | Simple Web Server (SWS) 0.0.4 through 0.1.0 does not properly handle when the recv function call fails, which may allow ... |
| CVE-2002-1871 | | | pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark... |
| CVE-2002-2170 | | | Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 attempts to restrict administrator actions to the IP ... |
| CVE-2002-2313 | | | Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs vi... |
