CVSS: 5.0EPSS: 84%CPEs: 2EXPL: 2CVE-2002-1023 – Working Resources BadBlue 1.7.3 - GET Denial of Service
https://notcve.org/view.php?id=CVE-2002-1023
BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI. • https://www.exploit-db.com/exploits/21600 http://archives.neohapsis.com/archives/bugtraq/2002-07/0082.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0143.html http://www.iss.net/security_center/static/9528.php http://www.securityfocus.com/bid/5187 •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 2CVE-2002-1021 – Working Resources 1.7.3 BadBlue - Null Byte File Disclosure
https://notcve.org/view.php?id=CVE-2002-1021
BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte. • https://www.exploit-db.com/exploits/21616 http://archives.neohapsis.com/archives/bugtraq/2002-07/0143.html http://www.iss.net/security_center/static/9557.php http://www.securityfocus.com/bid/5226 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2002-1022
https://notcve.org/view.php?id=CVE-2002-1022
BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges. • http://archives.neohapsis.com/archives/bugtraq/2002-07/0143.html http://www.iss.net/security_center/static/9558.php http://www.securityfocus.com/bid/5228 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0800
https://notcve.org/view.php?id=CVE-2002-0800
BadBlue 1.7.0 allows remote attackers to list the contents of directories via a URL with an encoded '%' character at the end. • http://archives.neohapsis.com/archives/bugtraq/2002-06/0003.html http://www.iss.net/security_center/static/9239.php http://www.securityfocus.com/bid/4912 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2002-0326
https://notcve.org/view.php?id=CVE-2002-0326
Cross-site scripting vulnerability in BadBlue before 1.6.1 beta allows remote attackers to execute arbitrary script and possibly additional commands via a URL that contains Javascript. • http://marc.info/?l=bugtraq&m=101474387016066&w=2 http://www.iss.net/security_center/static/8294.php http://www.securityfocus.com/bid/4180 •