CVE-2002-1852

CVE-2002-1852 - Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) a parameter to test2.pl. ...
4 years ago

CVE-2002-0192 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0193, CVE-2002-1564. Reason: This candidate was published with a description that identified a different vulnerability than what was identified in the original authoritative ...
54 years ago Tenable.com

CVE-2007-1852 - ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in 2BGal 3.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the lang_filename parameter to (1) index.php or (2) backupdb.inc.php in admin/, or other unspecified ...
6 years ago

CVE-2015-1852 - The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the ...
1 year ago

CVE-2023-4042 - A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8. ...
11 months ago

CVE-2021-1852 - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.5 and iPadOS 14.5. A local user may be able to read kernel memory. ...
1 year ago

CVE-2011-1852 - Multiple stack-based buffer overflows in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allow remote attackers to execute arbitrary code via crafted packet content accompanying a (1) DATA or (2) ERROR opcode. ...
11 years ago

CVE-2013-1852 - SQL injection vulnerability in leaguemanager.php in the LeagueManager plugin before 3.8.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the league_id parameter in the leaguemanager-export page to wp-admin/admin.php. ...
10 years ago

CVE-2016-1852 - Siri in Apple iOS before 9.3.2 does not block data detectors within results in the lock-screen state, which allows physically proximate attackers to obtain sensitive contact and photo information via unspecified vectors. ...
8 years ago

CVE-2004-1852 - DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information. ...
10 months ago

CVE-2006-1852 - SQL injection vulnerability in category.php in Article Publisher Pro 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cname parameter. ...
7 years ago

CVE-2008-1852 - ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, and possibly other versions allows remote attackers to cause a denial of service (crash) via certain requests that specify a large number of sub-arguments, which triggers a NULL ...
7 years ago

CVE-2009-1852 - Multiple SQL injection vulnerabilities in Graphiks MyForum 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. ...
7 years ago

CVE-2005-1852 - Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an ...
7 years ago

CVE-2012-1852 - Heap-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka ...
6 years ago

CVE-2019-1852 - A vulnerability in the web-based management interface of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due ...
5 years ago

CVE-2010-1852 - Microsoft Internet Explorer, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via ...
3 years ago

CVE-2022-1852 - A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU. ...
2 years ago

CVE-2023-1852 - A vulnerability classified as problematic was found in SourceCodester Online Payroll System 1.0. This vulnerability affects unknown code of the file /admin/deduction_edit.php. The manipulation of the argument description leads to cross site ...
1 year ago

CVE-2017-1852 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
54 years ago Tenable.com

CVE-2023-52562 - In the Linux kernel, the following vulnerability has been resolved: ...
9 months ago

CVE-2024-1852 - The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the X-Forwarded-For header in all versions up to, and including, 3.4.9.2 due to insufficient input sanitization and output escaping. This makes it ...
8 months ago Tenable.com

CVE-2002-0390 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0639. Reason: This candidate is a reservation duplicate of CVE-2002-0639. Notes: All CVE users should reference CVE-2002-0639 instead of this candidate. All references and ...
54 years ago Tenable.com

CVE-2002-1370 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1367. Reason: This CAN was originally assigned for the theft of root certificates in CUPS, but it was later deemed to be a legitimate result of exploiting a different ...
54 years ago Tenable.com

CVE-2002-1404 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1348. Reason: This candidate is a reservation duplicate of CVE-2002-1348. Notes: All CVE users should reference CVE-2002-1348 instead of this candidate. All references and ...
54 years ago Tenable.com