EUVD-2002-0987

Malware in sbrugna...

EUVD-2002-0988

Malware in sbrugna...

CVE-2002-0999

Multiple SQL injection vulnerabilities in CARE 2002 before beta 1.0.02 allow remote attackers to perform unauthorized database operations...

CVE-2002-0998

Directory traversal vulnerability in cafenews.php for CARE 2002 before beta 1.0.02 allows remote attackers to read arbitrary files via .. dot dot sequences and null characters in the lang parameter, which is processed by a call to the include function...

CVE-2002-0998

The CVE-2002-0998 entry affects CARE 2002 prior to beta 1.0.02 in cafenews.php, where the lang parameter is processed by include, enabling directory traversal to read arbitrary files via .. patterns (and null chars). The issue arises in the cafenews.php include call, affecting CARE 2002’s web com...

CVE-2002-0999

CARE 2002 is affected by multiple SQL injection vulnerabilities in versions before beta 1.0.02, allowing remote attackers to perform unauthorized database operations. The root cause is SQL injection in CARE 2002 prior to 1.0.02. Impact, as described in sources, includes unauthorized database mani...

CVE-2002-0999

Multiple SQL injection vulnerabilities in CARE 2002 before beta 1.0.02 allow remote attackers to perform unauthorized database operations...

PT-2002-2004 · Care 2002 · Care 2002

Name of the Vulnerable Software and Affected Versions: CARE 2002 versions prior to beta 1.0.02 Description: The issue allows remote attackers to read arbitrary files via .. dot dot sequences and null characters in the lang parameter, which is processed by a call to the include function...

Several problems in CARE 2002

Several problems in CARE 2002 ------------------------------------- What is CARE 2002? CARE 2002 is a free software package for hospitals. It's based on php + mysql. For further information visit http://www.care2x.com/. include + NULL problem Problem description There are several include statemen...