Total
2604 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1841 | 1 Noguska | 1 Nola | 2024-02-28 | 5.0 MEDIUM | N/A |
The document management module in NOLA 1.1.1 and 1.1.2 does not restrict the types of files that are uploaded, which allows remote attackers to upload and execute arbitrary PHP files with extensions such as .php4. | |||||
CVE-2001-1099 | 2 Microsoft, Symantec | 2 Exchange Server, Norton Antivirus | 2024-02-28 | 5.0 MEDIUM | N/A |
The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice. | |||||
CVE-2001-0901 | 1 Hypermail Development | 1 Hypermail | 2024-02-28 | 7.5 HIGH | N/A |
Hypermail allows remote attackers to execute arbitrary commands on a server supporting SSI via an attachment with a .shtml extension, which is archived on the server and can then be executed by requesting the URL for the attachment. | |||||
CVE-2001-0340 | 1 Microsoft | 1 Exchange Server | 2024-02-28 | 7.5 HIGH | N/A |
An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically. |