CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2002-0995 login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table. | N/A | NONE | — | 0 |
| CVE-2002-0996 Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) WebAdmin or (2) ModWeb. | N/A | NONE | — | 0 |
| CVE-2002-0997 Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service. | N/A | NONE | — | 0 |
| CVE-2006-0472 Cross-site scripting (XSS) vulnerability in guestbook.php in my little homepage my little guestbook, as last modified in March 2004, allows remote attackers to inject arbitrary Javascript via a javasc... | N/A | NONE | — | 0 |
| CVE-2002-0998 Directory traversal vulnerability in cafenews.php for CARE 2002 before beta 1.0.02 allows remote attackers to read arbitrary files via .. (dot dot) sequences and null characters in the lang parameter,... | N/A | NONE | — | 0 |
| CVE-2002-0999 Multiple SQL injection vulnerabilities in CARE 2002 before beta 1.0.02 allow remote attackers to perform unauthorized database operations. | N/A | NONE | — | 0 |
| CVE-2002-1000 Buffer overflow in AnalogX SimpleServer:Shout 1.0 allows remote attackers to cause a denial of service and execute arbitrary code via a long request to TCP port 8001. | N/A | NONE | — | 0 |
| CVE-2002-1001 Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long HTTP request to TCP port 6588 or (2) a SOCKS 4A re... | N/A | NONE | — | 0 |
| CVE-2002-1002 Buffer overflow in Novell iManager (eMFrame 1.2.1) allows remote attackers to cause a denial of service (crash) via a long user name. | N/A | NONE | — | 0 |
| CVE-2025-53348 Missing Authorization vulnerability in Laborator Kalium kalium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kalium: from n/a through <= 3.18.3. | 5.3 | MEDIUM | — | 0 |
| CVE-2002-1003 Buffer overflow in MyWebServer 1.02 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | N/A | NONE | — | 0 |
| CVE-2002-1004 Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL. | N/A | NONE | — | 0 |
| CVE-2002-1005 ArGoSoft Mail Server 1.8.1.7 and earlier allows a webmail user to cause a denial of service (CPU consumption) by forwarding the email to the user while autoresponse is enabled, which creates an infini... | N/A | NONE | — | 0 |
| CVE-2002-1006 Cross-site scripting (XSS) vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) 1.5.11 and earlier allows remote attackers to execute arbitrary web script via parserl.pl. | N/A | NONE | — | 0 |
| CVE-2002-1007 Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo... | N/A | NONE | — | 0 |
| CVE-2002-1008 Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via a request to urlco... | N/A | NONE | — | 0 |
| CVE-2002-1009 Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2)... | N/A | NONE | — | 0 |
| CVE-2002-1010 Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypasses... | N/A | NONE | — | 0 |
| CVE-2002-1011 Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a... | N/A | NONE | — | 0 |
| CVE-2002-1012 Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET r... | N/A | NONE | — | 0 |
| CVE-2006-0473 Cross-site scripting (XSS) vulnerability in the bbcode function in weblog.php in my little homepage my little weblog, as last modified in April 2004, allows remote attackers to inject arbitrary Javasc... | N/A | NONE | — | 0 |
| CVE-2025-15484 The Order Notification for WooCommerce WordPress plugin before 3.6.3 overrides WooCommerce's permission checks to grant full access to all unauthenticated requests, enabling complete read/write acces... | 9.1 | CRITICAL | — | 0 |
| CVE-2026-2696 The Export All URLs WordPress plugin before 5.1 generates CSV filenames containing posts URLS (including private posts) in a predictable pattern using a random 6-digit number. These files are stored i... | 5.3 | MEDIUM | — | 0 |
| CVE-2002-1013 Buffer overflow in traffic_manager for Inktomi Traffic Server 4.0.18 through 5.2.2, Traffic Edge 1.1.2 and 1.5.0, and Media-IXT 3.0.4 allows local users to gain root privileges via a long -path argume... | N/A | NONE | — | 0 |
| CVE-2024-47369 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpweb Social Auto Poster social-auto-poster allows Reflected XSS.This issue affects Social Auto Po... | 7.1 | HIGH | — | 0 |
| CVE-2013-3950 Stack-based buffer overflow in the openSharedCacheFile function in dyld.cpp in dyld in Apple iOS 5.1.x and 6.x through 6.1.3 makes it easier for attackers to conduct untethering attacks via a long str... | N/A | NONE | — | 0 |
| CVE-2002-1014 Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long valu... | N/A | NONE | — | 0 |
| CVE-2002-1015 RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini file... | N/A | NONE | — | 0 |
| CVE-2002-1016 Adobe eBook Reader allows a user to bypass restrictions for copy, print, lend, and give operations by backing up key data files, performing the operations, and restoring the original data files. | N/A | NONE | — | 0 |
| CVE-2002-1017 Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the ac... | N/A | NONE | — | 0 |
| CVE-2002-1018 The library feature for Adobe Content Server 3.0 does not verify if a customer has already checked out an eBook, which allows remote attackers to cause a denial of service (resource exhaustion) by che... | N/A | NONE | — | 0 |
| CVE-2002-1019 The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook for an arbitrary length of time via a modified loanMin parameter to download.asp. | N/A | NONE | — | 0 |
| CVE-2002-1020 The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the ser... | N/A | NONE | — | 0 |
| CVE-2002-1021 BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte. | N/A | NONE | — | 0 |
| CVE-2002-1022 BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges. | N/A | NONE | — | 0 |
| CVE-2002-1023 BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI. | N/A | NONE | — | 0 |
| CVE-2002-1024 Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection ... | N/A | NONE | — | 0 |
| CVE-2002-1025 JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed. | N/A | NONE | — | 0 |
| CVE-2002-1026 Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly triggeri... | N/A | NONE | — | 0 |
| CVE-2002-1027 Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedia Sitespring 1.2.0 (277.1) allows remote attackers to execute arbitrary web script via a link to 500... | N/A | NONE | — | 0 |
| CVE-2002-1028 Multiple buffer overflows in the CGI programs for Oddsock Song Requester WinAmp plugin 2.1 allow remote attackers to cause a denial of service (crash) via long arguments. | N/A | NONE | — | 0 |
| CVE-2002-1029 Res Manager in Worldspan for Windows Gateway 4.1 allows remote attackers to cause a denial of service (crash) via a malformed request to TCP port 17990. | N/A | NONE | — | 0 |
| CVE-2006-0474 Multiple integer overflows in Shareaza 2.2.1.0 allow remote attackers to execute arbitrary code via (1) a large packet length field, which causes an overflow in the ReadBuffer function in (a) BTPacket... | N/A | NONE | — | 0 |
| CVE-2002-1030 Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote attackers to cause a denial of service (crash) via a flood of data and connections. | N/A | NONE | — | 0 |
| CVE-2002-1031 KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character. | N/A | NONE | — | 0 |
| CVE-2002-1032 Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed HTTP header. | N/A | NONE | — | 0 |
| CVE-2002-1033 Directory traversal vulnerability in none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via a "..:" sequence (dot-dot variant) in the argument. | N/A | NONE | — | 0 |
| CVE-2002-1034 none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via an absolute pathname in the argument. | N/A | NONE | — | 0 |
| CVE-2026-1797 The Appointment Booking and Scheduler Plugin – Truebooker plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.4 through views php files. This... | 5.3 | MEDIUM | — | 0 |
| CVE-2002-1035 Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of service (crash) via an HTTP request with a long, malformed HTTP 1version number. | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.