National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 27,701 matching records.
Displaying matches 27121 through 27140.
Vuln ID Summary CVSS Severity
CVE-2002-0122

Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2002-0123

MDG Computer Services Web Server 4D WS4D/eCommerce 3.0 and earlier, and possibly 3.5.3, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2002-0124

MDG Computer Services Web Server 4D/eCommerce 3.5.3 allows remote attackers to exploit directory traversal vulnerability via a ../ (dot dot) containing URL-encoded slashes in the HTTP request.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2002-0125

Buffer overflow in ClanLib library 0.5 may allow local users to execute arbitrary code in games that use the library, such as (1) Super Methane Brothers, (2) Star War, (3) Kwirk, (4) Clankanoid, and others, via a long HOME environment variable.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-2002-0126

Buffer overflow in BlackMoon FTP Server 1.0 through 1.5 allows remote attackers to execute arbitrary code via a long argument to (1) USER, (2) PASS, or (3) CWD.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2002-0128

cgitest.exe in Sambar Server 5.1 before Beta 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long argument.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2002-0129

efax 0.9 and earlier, when installed setuid root, allows local users to read arbitrary files via the -d option, which prints the contents of the file in a warning message.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-2002-0130

Buffer overflow in efax 0.9 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -x argument.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-2002-0131

ActivePython ActiveX control for Python in the AXScript package, when used in Internet Explorer, does not prevent a script from reading files from the client's filesystem, which allows remote attackers to read arbitrary files via a malicious web page containing Python script.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2002-0132

Buffer overflow in Chinput 3.0 allows local users to execute arbitrary code via a long HOME environment variable.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-2002-0133

Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string to the telnet proxy.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2002-0134

Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a "dos" command.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2002-0135

Netopia Timbuktu Pro 6.0.1 and earlier allows remote attackers to cause a denial of service (crash) via a series of connections to one of the ports (1417 - 1420).

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2002-0139

Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2002-0140

Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote malicious DNS sites to cause a denial of service and possibly execute arbitrary code via a long or malformed DNS reply, which is not handled properly by parse_query, get_objectname, and possibly other functions.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2002-0141

Maelstrom GPL 3.0.1 allows local users to overwrite arbitrary files of other Maelstrom users via a symlink attack on the /tmp/f file.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 1.2 LOW
CVE-2002-0142

CGI handler in John Roy Pi3Web for Windows 2.0 beta 1 and 2 allows remote attackers to cause a denial of service (crash) via a series of requests whose physical path is exactly 260 characters long and ends in a series of . (dot) characters.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2002-0143

Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-2002-0144

Directory traversal vulnerability in chuid 1.2 and earlier allows remote attackers to change the ownership of files outside of the upload directory via a .. (dot dot) attack.

Published: March 25, 2002; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2000-1210

Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.

Published: March 22, 2002; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM