Lucene search
K

1292 matches found

CVE
CVE
added 2003/04/02 5:0 a.m.44 views

CVE-2002-0463

ARSC (Really Simple Chat) version 1.0.1 and earlier is affected by an information disclosure vulnerability. An invalid arsc_language value allows remote attackers to cause an error message that reveals the full pathname of the web server, exposing partial confidentiality. The CVE entry notes this...

5CVSS7.1AI score0.01539EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2003/03/31 5:0 a.m.14 views

CVE-2002-1545

CooolSoft Personal FTP Server 2.24 allows remote attackers to obtain the absolute pathname of the FTP root via a PWD command, which includes the full path in the response...

5CVSS6.5AI score0.01324EPSS
Exploits0References1
CVE
CVE
added 2003/03/26 5:0 a.m.62 views

CVE-2003-0153

CVE-2003-0153 affects the bonsai Mozilla CVS query tool. The vulnerability is an absolute path disclosure exposed in error messages generated by cvslog.cgi, cvsview2.cgi, and multidiff.cgi. Connected records confirm Debian advisory DSA-265-1 documents the issue and notes a missing update; OpenVAS...

5CVSS6.3AI score0.05668EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2003/03/18 5:0 a.m.17 views

CVE-2002-1527

emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message...

6.6AI score0.07476EPSS
Exploits1References4
Cvelist
Cvelist
added 2003/03/18 5:0 a.m.15 views

CVE-2002-1545

CooolSoft Personal FTP Server 2.24 allows remote attackers to obtain the absolute pathname of the FTP root via a PWD command, which includes the full path in the response...

6.5AI score0.01324EPSS
Exploits0References1
Cvelist
Cvelist
added 2003/03/18 5:0 a.m.17 views

CVE-2002-1423

tmpview.php in FUDforum before 2.2.0 allows remote attackers to read arbitrary files via an absolute pathname in the file parameter...

6.7AI score0.03452EPSS
Exploits1References4
CVE
CVE
added 2003/03/18 5:0 a.m.42 views

CVE-2002-1423

The CVE-2002-1423 issue concerns FUDforum, where tmp_view.php before version 2.2.0 allows remote attackers to read arbitrary files through an absolute pathname supplied in the file parameter. The underlying vulnerability is a path traversal/unsafe file inclusion in the tmp_view.php handler, enabl...

5CVSS7.1AI score0.03452EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2003/03/18 5:0 a.m.40 views

CVE-2002-1525

CVE-2002-1525 concerns a directory traversal vulnerability in the ASTAware SearchDisk engine of Sun ONE Starter Kit 2.0. The flaw allows remote attackers to read arbitrary files via a .. (dot dot) path traversal on ports 6015 or 6016, or through an absolute pathname to port 6017. The available re...

5CVSS7.1AI score0.08052EPSS
Exploits1References3Affected Software2
Tenable Nessus
Tenable Nessus
added 2003/03/13 12:0 a.m.46 views

HP-UX ftpd glob() Expansion STAT Buffer Overflow

The remote HPUX 11 FTP server is affected by a buffer overflow vulnerability. The overflow occurs when the STAT command is issued with an argument that expands into an oversized string after being processed by the 'glob' function. TRUSTED...

10CVSS5.9AI score0.11169EPSS
Exploits1References2
NVD
NVD
added 2002/12/31 5:0 a.m.17 views

CVE-2002-2024

Horde IMP 2.2.7 allows remote attackers to obtain the full web root pathname via an HTTP request for 1 poppassd.php3, 2 login.php3?reason=chpass2, 3 spelling.php3, and 4 ldap.search.php3?ldapserv=nonsense which leaks the information in error messages...

5.3CVSS6.5AI score0.01924EPSS
Exploits0References3
NVD
NVD
added 2002/10/04 4:0 a.m.16 views

CVE-2002-0918

CGIScript.net csPassword.cgi leaks sensitive information such as the pathname of the server in debug messages that are presented when the script fails, which allows remote attackers to obtain the information via a "remove" option in the command parameter, which generates an error...

5CVSS6.2AI score0.03497EPSS
Exploits1References3
NVD
NVD
added 2002/10/04 4:0 a.m.13 views

CVE-2002-0921

CGIScript.net csNews.cgi allows remote attackers to obtain potentially sensitive information, such as the full server pathname and other configuration settings, via the viewnews command with an invalid database, which leaks the information in error messages...

5CVSS6.4AI score0.01309EPSS
Exploits0References2
OSV
OSV
added 2002/09/05 4:0 a.m.7 views

CVE-2002-0654

Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to determine the full pathname of the server via 1 a request for a .var file, which leaks the pathname in the resulting error message, or 2 via an error message that occurs when a script child process cannot be invoked...

6.9AI score
Exploits0References16
NVD
NVD
added 2002/09/05 4:0 a.m.16 views

CVE-2002-0654

Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to determine the full pathname of the server via 1 a request for a .var file, which leaks the pathname in the resulting error message, or 2 via an error message that occurs when a script child process cannot be invoked...

5CVSS6.7AI score0.58676EPSS
Exploits0References16
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.20 views

CVE-2002-0921

CGIScript.net csNews.cgi allows remote attackers to obtain potentially sensitive information, such as the full server pathname and other configuration settings, via the viewnews command with an invalid database, which leaks the information in error messages...

6.4AI score0.01309EPSS
Exploits0References2
EUVD
EUVD
added 2002/08/31 4:0 a.m.4 views

EUVD-2002-0909

CGIScript.net csPassword.cgi leaks sensitive information such as the pathname of the server in debug messages that are presented when the script fails, which allows remote attackers to obtain the information via a "remove" option in the command parameter, which generates an error...

5CVSS6.2AI score0.03497EPSS
Exploits1References3
CVE
CVE
added 2002/08/31 4:0 a.m.53 views

CVE-2002-1034

CVE-2002-1034 affects SunPS iRunbook 2.5.2. The vulnerability is triggered through none.php by supplying an absolute pathname as an argument, enabling remote attackers to read arbitrary files and potentially compromise confidentiality (and integrity per CVSS). The available connected documents pr...

10CVSS7.1AI score0.04349EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.20 views

CVE-2002-0918

CGIScript.net csPassword.cgi leaks sensitive information such as the pathname of the server in debug messages that are presented when the script fails, which allows remote attackers to obtain the information via a "remove" option in the command parameter, which generates an error...

6.2AI score0.03497EPSS
Exploits1References3
Cvelist
Cvelist
added 2002/08/23 4:0 a.m.16 views

CVE-2002-0979

The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code...

7.2AI score0.06457EPSS
Exploits0References3
Cvelist
Cvelist
added 2002/08/20 4:0 a.m.22 views

CVE-2002-0654

Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to determine the full pathname of the server via 1 a request for a .var file, which leaks the pathname in the resulting error message, or 2 via an error message that occurs when a script child process cannot be invoked...

6.6AI score0.58676EPSS
Exploits0References16
Rows per page
Query Builder