National Vulnerability Database

Search Results

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 27,048 matching records.
Displaying matches 26161 through 26180.
Vuln ID Summary CVSS Severity
CVE-2002-0364

Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0371

Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0372

Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player for Windows XP allow remote attackers to bypass Internet Explorer's (IE) security mechanisms and run code via an executable .wma media file with a license installation requirement stored in the IE cache, aka the "Cache Path Disclosure via Windows Media Player".

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0373

The Windows Media Device Manager (WMDM) Service in Microsoft Windows Media Player 7.1 on Windows 2000 systems allows local users to obtain LocalSystem rights via a program that calls the WMDM service to connect to an invalid local storage device, aka "Privilege Elevation through Windows Media Device Manager Service".

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2002-0378

The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0392

Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0535

Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier allow remote attackers to execute script as other users via (1) an [IMG] tag when BBCode is enabled, or (2) in a topic title.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2002-0536

PHPGroupware 0.9.12 and earlier, when running with the magic_quotes_gpc feature disabled, allows remote attackers to compromise the database via a SQL injection attack.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0537

The admin.html file in StepWeb Search Engine (SWS) 2.5 stores passwords in links to manager.pl, which allows remote attackers who can access the admin.html file to gain administrative privileges to SWS.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2002-0538

FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0539

Demarc PureSecure 1.05 allows remote attackers to gain administrative privileges via a SQL injection attack in a session ID that is stored in the s_key cookie.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2002-0540

Nortel CVX 1800 is installed with a default "public" community string, which allows remote attackers to read usernames and passwords and modify the CVX configuration.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0541

Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0542

mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2002-0543

Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. (dot dot) sequences in the HTTP request.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2002-0545

Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2002-0546

Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0547

Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0548

Anthill allows remote attackers to bypass authentication and file bug reports by directly accessing the postbug.php program instead of enterbug.php.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0549

Cross-site scripting vulnerabilities in Anthill allow remote attackers to execute script as other Anthill users.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH