Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matt moore vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0680
Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote malicious users to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a dupl...
Orange Software Orange Web Server 2.1
Goahead Software Goahead Webserver 2.1.4
Goahead Software Goahead Webserver 2.1.5
Goahead Software Goahead Webserver 2.1.2
Goahead Software Goahead Webserver 2.1.3
Goahead Software Goahead Webserver 2.1.1
Montavista Software Hard Hat Linux 1.0
1 EDB exploit
NA
CVE-2002-0682
Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote malicious users to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.
Apache Tomcat 4.0.3
1 EDB exploit
NA
CVE-2002-0892
The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote malicious users to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message.
New Atlanta Communications Servletexec Isapi 4.1
1 EDB exploit
NA
CVE-2002-0893
Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 allows remote malicious users to read arbitrary files via a URL-encoded request to com.newatlanta.servletexec.JSP10Servlet containing "..%5c" (modified dot-dot) sequences.
New Atlanta Communications Servletexec Isapi 4.1
1 EDB exploit
NA
CVE-2002-0894
NewAtlanta ServletExec ISAPI 4.1 allows remote malicious users to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet.
New Atlanta Communications Servletexec Isapi 4.1
1 EDB exploit
NA
CVE-2002-0665
Macromedia JRun Administration Server allows remote malicious users to bypass authentication on the login form via an extra slash (/) in the URL.
Macromedia Jrun 4.0
Macromedia Jrun 3.0
Macromedia Jrun 3.1
1 EDB exploit
NA
CVE-2002-0708
Directory traversal vulnerability in the Web Reports Server for SurfControl SuperScout WebFilter allows remote malicious users to read arbitrary files via an HTTP request containing ... (triple dot) sequences.
Surfcontrol Web Filter 4.1
Surfcontrol Superscout Web Filter 3.0.3
Surfcontrol Web Filter 4.0
Surfcontrol Superscout Web Filter 3.0
1 EDB exploit
NA
CVE-2002-0709
SQL injection vulnerabilities in the Web Reports Server for SurfControl SuperScout WebFilter allow remote malicious users to execute arbitrary SQL queries via the RunReport option to SimpleBar.dll, and possibly other DLLs.
Surfcontrol Superscout Web Filter 3.0
Surfcontrol Superscout Web Filter 3.0.3
Surfcontrol Web Filter 4.0
Surfcontrol Web Filter 4.1
1 EDB exploit
NA
CVE-2002-0186
Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL Server 2000 allows remote malicious users to execute arbitrary code via data queries with a long content-type parameter, aka "Unchecked Buffer in SQLXML ISAPI Extension."
Microsoft Sql Server 2000
1 EDB exploit
NA
CVE-2002-0187
Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an malicious user to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag."
Microsoft Sql Server 2000
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »