manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attackers to execute arbitrary code via a URL that contains shell metacharacters. Date published : 2002-03-15 http://www.securityfocus.com/bid/3718 http://www.securityfocus.com/archive/1/247332
The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a default username and password, which allows remote attackers to read and write arbitrary files in the root folder. Date published : 2002-03-15 http://www.securityfocus.com/bid/3716...
Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 allows remote attackers to execute arbitrary Javascript via the desc parameter. Date published : 2002-03-15 http://www.securityfocus.com/bid/3714 http://www.securityfocus.com/archive/1/246274
Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2)...
Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using...
Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. Date published : 2002-03-15 http://www.securityfocus.com/bid/3759 http://seclists.org/bugtraq/2001/Dec/0306.html
Format string vulnerability in DayDream BBS allows remote attackers to execute arbitrary code via format string specifiers in a file containing a ~#RA control code. Date published : 2002-03-15 http://marc.info/?l=bugtraq&m=100977623710528&w=2
Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote attackers to possibly execute arbitrary code via the control codes (1) ~#MC, (2) ~#TF, or (3) ~#RA. Date published : 2002-03-15 http://www.securityfocus.com/bid/3757 http://www.securityfocus.com/archive/1/247708
Matrix CGI vault Last Lines 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the $error_log variable. Date published : 2002-03-15 http://www.securityfocus.com/bid/3755 http://marc.info/?l=bugtraq&m=100975978324723&w=2
Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 allows remote attackers to read arbitrary files via ‘..’ sequences in the $error_log variable. Date published : 2002-03-15 http://www.securityfocus.com/bid/3754 http://marc.info/?l=bugtraq&m=100975978324723&w=2
Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for FrontPage 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. Date published :...
Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that...
RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option. Date published : 2002-03-15 http://www.securityfocus.com/bid/3701 http://www.securityfocus.com/archive/1/245690
klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file. Date published : 2002-03-15 http://www.securityfocus.com/bid/3694 http://marc.info/?l=bugtraq&m=100837486611350&w=2