7 matches found
EUVD-2002-1665
Malware in sbrugna...
CVE-2002-2170
Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 attempts to restrict administrator actions to the IP address of the local host, but does not provide additional authentication, which allows remote attackers to execute arbitrary code via a web page containing an HTTP POST request...
CVE-2002-2170
The CVE affects BadBlue Enterprise Edition versions 1.7–1.74. The root cause is insufficient authentication when attempts to restrict administrator actions to localhost IP, allowing a remote attacker to trigger arbitrary code execution via an HTTP POST to the dir.hts page on localhost, which can ...
EUVD-2002-2149
Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 attempts to restrict administrator actions to the IP address of the local host, but does not provide additional authentication, which allows remote attackers to execute arbitrary code via a web page containing an HTTP POST request...
CVE-2002-1684
The CVE-2002-1684 entry concerns a directory traversal vulnerability in Deerfield D2Gfx 1.0.2 and BadBlue Enterprise Edition 1.5.x plus BadBlue Personal Edition 1.5.6. The vulnerability allows remote attackers to read arbitrary files via a ../ traversal in the script used to read Microsoft Office...
CVE-2002-1684
Directory traversal vulnerability in 1 Deerfield D2Gfx 1.0.2 or 2 BadBlue Enterprise Edition 1.5.x and BadBlue Personal Edition 1.5.6 allows remote attackers to read arbitrary files via a ../ dot dot slash in the script used to read Microsoft Office documents...
CVE-2002-1685
Cross-site scripting vulnerability XSS in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote attackers to execute arbitrary script as other users by injecting script into ext.dll ISAPI...