search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-09-26 2002-01-08 2002-09-26 VU#575619 Allaire Forums does not verify user information stored in hidden form fields
2002-09-26 2001-08-21 2002-09-26 VU#782243 TDForum does not adequately validate user input thereby allowing users to embed malicious script code in messages
2002-09-26 2001-08-20 2002-09-26 VU#471075 4D WebServer does not adequately validate user input thereby allowing directory traversal
2002-09-24 2001-09-24 2002-09-24 VU#933955 PHPNuke 'admin.php' script does not adequately authenticate users, thereby allowing malicious user to copy, move, or upload files
2002-09-24 2001-09-13 2002-09-24 VU#711491 Textor Webmasters Ltd listrec.pl does not adequately validate user input thereby allowing arbitrary commands to be executed
2002-09-24 2001-12-29 2002-09-24 VU#711315 Cherokee Web Server does not adequately validate user input thereby allowing remote command execution
2002-09-24 2001-12-01 2002-09-24 VU#597795 Easynews does not adequately validate user input thereby disclosing server installation path via crafted URL request
2002-09-24 2001-12-29 2002-09-24 VU#464827 Cherokee Web Server does not adequately validate user input thereby allowing directory traversal
2002-09-24 2001-12-13 2002-09-24 VU#413875 EFTP does not adequately validate user input thereby allowing directory traversal
2002-09-24 2001-12-19 2002-09-24 VU#283723 Exim does not adequately validate user input thereby allow execution of arbitrary commands
2002-09-24 2001-12-25 2002-09-24 VU#282403 AdCycle does not adequately validate user input thereby allowing for SQL injection
2002-09-24 2001-12-29 2002-09-24 VU#245795 Cherokee Web Server fails to drop privileges after daemon starts
2002-09-24 2001-10-22 2002-09-24 VU#222739 Handspring VisorPhone vulnerable to DoS via SMS image transfer
2002-09-24 2002-04-08 2002-09-24 VU#156123 Microsoft Office Web Components allows arbitary user to determine whether local file exists via Chart component "Load" method
2002-09-20 2002-08-01 2002-09-20 VU#137555 HP Tru64 UNIX "chfn" contains buffer overflow (SSRT2259)

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis