Vulnerability-Lookup

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

Full-Text Search

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

CVE-2002-2045 (GCVE-0-2002-2045)

Vulnerability from cvelistv5 – Published: 2005-07-14 04:00 – Updated: 2024-08-08 03:51

Summary

x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to (1) execute PHP commands such as phpinfo or (2) obtain the full path of the web server via an invalid action parameter, which leaks the pathname in an error message.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

7 references

URL	Tags
http://seclists.org/lists/vuln-dev/2002/Mar/0156.html	mailing-listx_refsource_VULN-DEV
http://www.securityfocus.com/bid/4279	vdb-entryx_refsource_BID
http://www.securityfocus.com/bid/4280	vdb-entryx_refsource_BID
http://securitytracker.com/id?1003827	vdb-entryx_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
http://www.ifrance.com/kitetoua/tuto/x_holes.txt	x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Date Public

2002-03-12 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:51:17.523Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20020313 X_holes",
            "tags": [
              "mailing-list",
              "x_refsource_VULN-DEV",
              "x_transferred"
            ],
            "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
          },
          {
            "name": "4279",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4279"
          },
          {
            "name": "4280",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4280"
          },
          {
            "name": "1003827",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1003827"
          },
          {
            "name": "xstat-phpinfo-reveal-info(8467)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8467"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
          },
          {
            "name": "xstat-action-reveal-path(8466)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8466"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-03-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to (1) execute PHP commands such as phpinfo or (2) obtain the full path of the web server via an invalid action parameter, which leaks the pathname in an error message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20020313 X_holes",
          "tags": [
            "mailing-list",
            "x_refsource_VULN-DEV"
          ],
          "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
        },
        {
          "name": "4279",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4279"
        },
        {
          "name": "4280",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4280"
        },
        {
          "name": "1003827",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1003827"
        },
        {
          "name": "xstat-phpinfo-reveal-info(8467)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8467"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
        },
        {
          "name": "xstat-action-reveal-path(8466)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8466"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-2045",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to (1) execute PHP commands such as phpinfo or (2) obtain the full path of the web server via an invalid action parameter, which leaks the pathname in an error message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20020313 X_holes",
              "refsource": "VULN-DEV",
              "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
            },
            {
              "name": "4279",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4279"
            },
            {
              "name": "4280",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4280"
            },
            {
              "name": "1003827",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1003827"
            },
            {
              "name": "xstat-phpinfo-reveal-info(8467)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8467"
            },
            {
              "name": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt",
              "refsource": "MISC",
              "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
            },
            {
              "name": "xstat-action-reveal-path(8466)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8466"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-2045",
    "datePublished": "2005-07-14T04:00:00.000Z",
    "dateReserved": "2005-07-14T00:00:00.000Z",
    "dateUpdated": "2024-08-08T03:51:17.523Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2002-2044 (GCVE-0-2002-2044)

Vulnerability from cvelistv5 – Published: 2005-07-14 04:00 – Updated: 2024-09-16 17:14

Summary

Cross-site scripting (XSS) vulnerability in x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the phpinfo action.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

5 references

URL	Tags
http://seclists.org/lists/vuln-dev/2002/Mar/0156.html	mailing-listx_refsource_VULN-DEV
http://securitytracker.com/id?1003827	vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/4281	vdb-entryx_refsource_BID
http://www.ifrance.com/kitetoua/tuto/x_holes.txt	x_refsource_MISC
http://www.iss.net/security_center/static/8468.php	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:51:17.391Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20020313 X_holes",
            "tags": [
              "mailing-list",
              "x_refsource_VULN-DEV",
              "x_transferred"
            ],
            "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
          },
          {
            "name": "1003827",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1003827"
          },
          {
            "name": "4281",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4281"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
          },
          {
            "name": "xstat-admin-php-css(8468)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/8468.php"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the phpinfo action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-07-14T04:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20020313 X_holes",
          "tags": [
            "mailing-list",
            "x_refsource_VULN-DEV"
          ],
          "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
        },
        {
          "name": "1003827",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1003827"
        },
        {
          "name": "4281",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4281"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
        },
        {
          "name": "xstat-admin-php-css(8468)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/8468.php"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-2044",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the phpinfo action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20020313 X_holes",
              "refsource": "VULN-DEV",
              "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
            },
            {
              "name": "1003827",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1003827"
            },
            {
              "name": "4281",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4281"
            },
            {
              "name": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt",
              "refsource": "MISC",
              "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
            },
            {
              "name": "xstat-admin-php-css(8468)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/8468.php"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-2044",
    "datePublished": "2005-07-14T04:00:00.000Z",
    "dateReserved": "2005-07-14T00:00:00.000Z",
    "dateUpdated": "2024-09-16T17:14:48.984Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2002-2046 (GCVE-0-2002-2046)

Vulnerability from cvelistv5 – Published: 2005-07-14 04:00 – Updated: 2024-08-08 03:51

Summary

x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
http://seclists.org/lists/vuln-dev/2002/Mar/0156.html	mailing-listx_refsource_VULN-DEV
http://www.ifrance.com/kitetoua/tuto/x_holes.txt	x_refsource_MISC

Date Public

2002-03-12 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:51:17.429Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20020313 X_holes",
            "tags": [
              "mailing-list",
              "x_refsource_VULN-DEV",
              "x_transferred"
            ],
            "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-03-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-15T16:41:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20020313 X_holes",
          "tags": [
            "mailing-list",
            "x_refsource_VULN-DEV"
          ],
          "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-2046",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20020313 X_holes",
              "refsource": "VULN-DEV",
              "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
            },
            {
              "name": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt",
              "refsource": "MISC",
              "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-2046",
    "datePublished": "2005-07-14T04:00:00.000Z",
    "dateReserved": "2005-07-14T00:00:00.000Z",
    "dateUpdated": "2024-08-08T03:51:17.429Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2002-1656 (GCVE-0-2002-1656)

Vulnerability from cvelistv5 – Published: 2005-03-28 05:00 – Updated: 2024-08-08 03:34

Summary

X-News (x_news) 1.1 and earlier allows attackers to authenticate as other users by obtaining the MD5 checksum of the password, e.g. via sniffing or the users.txt data file, and providing it in a cookie.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

5 references

URL	Tags
http://www.kb.cert.org/vuls/id/162723	third-party-advisoryx_refsource_CERT-VN
http://securitytracker.com/id?1003828	vdb-entryx_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
http://www.ifrance.com/kitetoua/tuto/x_holes.txt	x_refsource_MISC
http://www.securityfocus.com/bid/4283	vdb-entryx_refsource_BID

Date Public

2002-03-12 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:34:55.515Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#162723",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/162723"
          },
          {
            "name": "1003828",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1003828"
          },
          {
            "name": "xnews-users-world-readable(8465)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8465"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
          },
          {
            "name": "4283",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4283"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-03-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "X-News (x_news) 1.1 and earlier allows attackers to authenticate as other users by obtaining the MD5 checksum of the password, e.g. via sniffing or the users.txt data file, and providing it in a cookie."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "VU#162723",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/162723"
        },
        {
          "name": "1003828",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1003828"
        },
        {
          "name": "xnews-users-world-readable(8465)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8465"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
        },
        {
          "name": "4283",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4283"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-1656",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "X-News (x_news) 1.1 and earlier allows attackers to authenticate as other users by obtaining the MD5 checksum of the password, e.g. via sniffing or the users.txt data file, and providing it in a cookie."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#162723",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/162723"
            },
            {
              "name": "1003828",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1003828"
            },
            {
              "name": "xnews-users-world-readable(8465)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8465"
            },
            {
              "name": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt",
              "refsource": "MISC",
              "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
            },
            {
              "name": "4283",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4283"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-1656",
    "datePublished": "2005-03-28T05:00:00.000Z",
    "dateReserved": "2005-03-29T00:00:00.000Z",
    "dateUpdated": "2024-08-08T03:34:55.515Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2002-2045 (GCVE-0-2002-2045)

Vulnerability from nvd – Published: 2005-07-14 04:00 – Updated: 2024-08-08 03:51

Summary

x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to (1) execute PHP commands such as phpinfo or (2) obtain the full path of the web server via an invalid action parameter, which leaks the pathname in an error message.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

7 references

URL	Tags
http://seclists.org/lists/vuln-dev/2002/Mar/0156.html	mailing-listx_refsource_VULN-DEV
http://www.securityfocus.com/bid/4279	vdb-entryx_refsource_BID
http://www.securityfocus.com/bid/4280	vdb-entryx_refsource_BID
http://securitytracker.com/id?1003827	vdb-entryx_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
http://www.ifrance.com/kitetoua/tuto/x_holes.txt	x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Date Public

2002-03-12 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:51:17.523Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20020313 X_holes",
            "tags": [
              "mailing-list",
              "x_refsource_VULN-DEV",
              "x_transferred"
            ],
            "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
          },
          {
            "name": "4279",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4279"
          },
          {
            "name": "4280",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4280"
          },
          {
            "name": "1003827",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1003827"
          },
          {
            "name": "xstat-phpinfo-reveal-info(8467)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8467"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
          },
          {
            "name": "xstat-action-reveal-path(8466)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8466"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-03-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to (1) execute PHP commands such as phpinfo or (2) obtain the full path of the web server via an invalid action parameter, which leaks the pathname in an error message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20020313 X_holes",
          "tags": [
            "mailing-list",
            "x_refsource_VULN-DEV"
          ],
          "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
        },
        {
          "name": "4279",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4279"
        },
        {
          "name": "4280",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4280"
        },
        {
          "name": "1003827",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1003827"
        },
        {
          "name": "xstat-phpinfo-reveal-info(8467)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8467"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
        },
        {
          "name": "xstat-action-reveal-path(8466)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8466"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-2045",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to (1) execute PHP commands such as phpinfo or (2) obtain the full path of the web server via an invalid action parameter, which leaks the pathname in an error message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20020313 X_holes",
              "refsource": "VULN-DEV",
              "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
            },
            {
              "name": "4279",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4279"
            },
            {
              "name": "4280",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4280"
            },
            {
              "name": "1003827",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1003827"
            },
            {
              "name": "xstat-phpinfo-reveal-info(8467)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8467"
            },
            {
              "name": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt",
              "refsource": "MISC",
              "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
            },
            {
              "name": "xstat-action-reveal-path(8466)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8466"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-2045",
    "datePublished": "2005-07-14T04:00:00.000Z",
    "dateReserved": "2005-07-14T00:00:00.000Z",
    "dateUpdated": "2024-08-08T03:51:17.523Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2002-2044 (GCVE-0-2002-2044)

Vulnerability from nvd – Published: 2005-07-14 04:00 – Updated: 2024-09-16 17:14

Summary

Cross-site scripting (XSS) vulnerability in x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the phpinfo action.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

5 references

URL	Tags
http://seclists.org/lists/vuln-dev/2002/Mar/0156.html	mailing-listx_refsource_VULN-DEV
http://securitytracker.com/id?1003827	vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/4281	vdb-entryx_refsource_BID
http://www.ifrance.com/kitetoua/tuto/x_holes.txt	x_refsource_MISC
http://www.iss.net/security_center/static/8468.php	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:51:17.391Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20020313 X_holes",
            "tags": [
              "mailing-list",
              "x_refsource_VULN-DEV",
              "x_transferred"
            ],
            "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
          },
          {
            "name": "1003827",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1003827"
          },
          {
            "name": "4281",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4281"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
          },
          {
            "name": "xstat-admin-php-css(8468)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/8468.php"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the phpinfo action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-07-14T04:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20020313 X_holes",
          "tags": [
            "mailing-list",
            "x_refsource_VULN-DEV"
          ],
          "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
        },
        {
          "name": "1003827",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1003827"
        },
        {
          "name": "4281",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4281"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
        },
        {
          "name": "xstat-admin-php-css(8468)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/8468.php"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-2044",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the phpinfo action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20020313 X_holes",
              "refsource": "VULN-DEV",
              "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
            },
            {
              "name": "1003827",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1003827"
            },
            {
              "name": "4281",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4281"
            },
            {
              "name": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt",
              "refsource": "MISC",
              "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
            },
            {
              "name": "xstat-admin-php-css(8468)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/8468.php"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-2044",
    "datePublished": "2005-07-14T04:00:00.000Z",
    "dateReserved": "2005-07-14T00:00:00.000Z",
    "dateUpdated": "2024-09-16T17:14:48.984Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2002-2046 (GCVE-0-2002-2046)

Vulnerability from nvd – Published: 2005-07-14 04:00 – Updated: 2024-08-08 03:51

Summary

x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
http://seclists.org/lists/vuln-dev/2002/Mar/0156.html	mailing-listx_refsource_VULN-DEV
http://www.ifrance.com/kitetoua/tuto/x_holes.txt	x_refsource_MISC

Date Public

2002-03-12 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:51:17.429Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20020313 X_holes",
            "tags": [
              "mailing-list",
              "x_refsource_VULN-DEV",
              "x_transferred"
            ],
            "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-03-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-15T16:41:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20020313 X_holes",
          "tags": [
            "mailing-list",
            "x_refsource_VULN-DEV"
          ],
          "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-2046",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20020313 X_holes",
              "refsource": "VULN-DEV",
              "url": "http://seclists.org/lists/vuln-dev/2002/Mar/0156.html"
            },
            {
              "name": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt",
              "refsource": "MISC",
              "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-2046",
    "datePublished": "2005-07-14T04:00:00.000Z",
    "dateReserved": "2005-07-14T00:00:00.000Z",
    "dateUpdated": "2024-08-08T03:51:17.429Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2002-1656 (GCVE-0-2002-1656)

Vulnerability from nvd – Published: 2005-03-28 05:00 – Updated: 2024-08-08 03:34

Summary

X-News (x_news) 1.1 and earlier allows attackers to authenticate as other users by obtaining the MD5 checksum of the password, e.g. via sniffing or the users.txt data file, and providing it in a cookie.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

5 references

URL	Tags
http://www.kb.cert.org/vuls/id/162723	third-party-advisoryx_refsource_CERT-VN
http://securitytracker.com/id?1003828	vdb-entryx_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
http://www.ifrance.com/kitetoua/tuto/x_holes.txt	x_refsource_MISC
http://www.securityfocus.com/bid/4283	vdb-entryx_refsource_BID

Date Public

2002-03-12 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:34:55.515Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#162723",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/162723"
          },
          {
            "name": "1003828",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1003828"
          },
          {
            "name": "xnews-users-world-readable(8465)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8465"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
          },
          {
            "name": "4283",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4283"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-03-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "X-News (x_news) 1.1 and earlier allows attackers to authenticate as other users by obtaining the MD5 checksum of the password, e.g. via sniffing or the users.txt data file, and providing it in a cookie."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "VU#162723",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/162723"
        },
        {
          "name": "1003828",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1003828"
        },
        {
          "name": "xnews-users-world-readable(8465)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8465"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
        },
        {
          "name": "4283",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4283"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-1656",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "X-News (x_news) 1.1 and earlier allows attackers to authenticate as other users by obtaining the MD5 checksum of the password, e.g. via sniffing or the users.txt data file, and providing it in a cookie."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#162723",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/162723"
            },
            {
              "name": "1003828",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1003828"
            },
            {
              "name": "xnews-users-world-readable(8465)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8465"
            },
            {
              "name": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt",
              "refsource": "MISC",
              "url": "http://www.ifrance.com/kitetoua/tuto/x_holes.txt"
            },
            {
              "name": "4283",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4283"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-1656",
    "datePublished": "2005-03-28T05:00:00.000Z",
    "dateReserved": "2005-03-29T00:00:00.000Z",
    "dateUpdated": "2024-08-08T03:34:55.515Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Find a vulnerability

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

8 vulnerabilities by xqus

CVE-2002-2045 (GCVE-0-2002-2045)

CVE-2002-2044 (GCVE-0-2002-2044)

CVE-2002-2046 (GCVE-0-2002-2046)

CVE-2002-1656 (GCVE-0-2002-1656)

CVE-2002-2045 (GCVE-0-2002-2045)

CVE-2002-2044 (GCVE-0-2002-2044)

CVE-2002-2046 (GCVE-0-2002-2046)

CVE-2002-1656 (GCVE-0-2002-1656)

Find a vulnerability

Search criteria ⓘ Use this form to refine search results. Full-text search supports keyword queries with ranking and filtering. You can combine vendor, product, and sources to narrow results. Enable “Apply ordering” to sort by date instead of relevance.

8 vulnerabilities by xqus

CVE-2002-2045 (GCVE-0-2002-2045)

CVE-2002-2044 (GCVE-0-2002-2044)

CVE-2002-2046 (GCVE-0-2002-2046)

CVE-2002-1656 (GCVE-0-2002-1656)

CVE-2002-2045 (GCVE-0-2002-2045)

CVE-2002-2044 (GCVE-0-2002-2044)

CVE-2002-2046 (GCVE-0-2002-2046)

CVE-2002-1656 (GCVE-0-2002-1656)

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.