CVSS: 4.3EPSS: 1%CPEs: 3EXPL: 1CVE-2002-1700 – ColdFusion MX - Missing Template Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-1700
Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message. • https://www.exploit-db.com/exploits/21548 http://online.securityfocus.com/archive/1/277487 http://www.macromedia.com/v1/Handlers/index.cfm?ID=23047 http://www.securityfocus.com/bid/5011 https://exchange.xforce.ibmcloud.com/vulnerabilities/9360 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2002-1908
https://notcve.org/view.php?id=CVE-2002-1908
Microsoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with a Host header that contains a large number of "/" (forward slash) characters. • http://www.iss.net/security_center/static/10370.php http://www.securiteam.com/windowsntfocus/6C00C1F5QA.html http://www.securityfocus.com/bid/5907 •
CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 2CVE-2002-1744 – Microsoft IIS 5.0 - 'CodeBrws.asp' Source Code Disclosure
https://notcve.org/view.php?id=CVE-2002-1744
Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot dot). • https://www.exploit-db.com/exploits/21385 http://online.securityfocus.com/archive/1/267945 http://online.securityfocus.com/archive/1/268065 http://www.securityfocus.com/bid/4525 https://exchange.xforce.ibmcloud.com/vulnerabilities/8853 •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2002-1695
https://notcve.org/view.php?id=CVE-2002-1695
Norton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while Norton Internet Security is running. • http://online.securityfocus.com/archive/1/250591 http://www.securityfocus.com/bid/3888 https://exchange.xforce.ibmcloud.com/vulnerabilities/7919 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1180
https://notcve.org/view.php?id=CVE-2002-1180
A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability." Un error tipográfico en los permisos de acceso a fuentes de scripts en Internet Information Server (IIS) 5.0 no excluye adecuadamente ficheros .COM, lo que permite a atacantes con sólo permisos de escritura cargar ficheros .COM, también conocida como "Vulnerabilidad de Acceso a Fuente de Scripts" • http://www.ciac.org/ciac/bulletins/n-011.shtml http://www.iss.net/security_center/static/10504.php http://www.securityfocus.com/bid/6068 http://www.securityfocus.com/bid/6071 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A931 •