CVE-2000-0110
The WebSiteTool shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. Date published : 2000-02-08
Monthly Archive: February 2000
CVE-2000-0109
The mcsp Client Site Processor system (MultiCSP) in Standard and Poor’s ComStock is installed with several accounts that have no passwords or easily guessable default passwords. Date published : 2000-02-08
CVE-2000-0108
The Intellivend shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. Date published : 2000-02-08
CVE-2000-0106
The EasyCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. Date published : 2000-02-08
CVE-2000-0105
Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user’s email messages via a script that accesses a variable that references subsequent email messages that are read by the client....
CVE-2000-0104
The Shoptron shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. Date published : 2000-02-08
CVE-2000-0103
The SmartCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. Date published : 2000-02-08
CVE-2000-0102
The SalesCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. Date published : 2000-02-08
CVE-2000-0101
The Make-a-Store OrderPage shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. Date published : 2000-02-08
CVE-2000-0096
Buffer overflow in qpopper 3.0 beta versions allows local users to gain privileges via a long LIST command. Date published : 2000-02-08 http://www.securityfocus.com/bid/948
CVE-2000-0093
An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5. Date published : 2000-02-08
CVE-1999-1009
The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user’s system. Date published : 2000-02-04
CVE-1999-1006
Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter. Date published : 2000-02-04 http://marc.info/?l=bugtraq&m=94571433731824&w=2
CVE-1999-1003
War FTP Daemon 1.70 allows remote attackers to cause a denial of service by flooding it with connections. Date published : 2000-02-04