CVE-2002-1854

Rlaj whois CGI script (whois.cgi) 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain name field.

Publication date: Tue, 31 Dec 2002 11:00:00 +0000

Cyber News related to CVE-2002-1854

CVE-2002-1854 - Rlaj whois CGI script (whois.cgi) 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain name field. ...
16 years ago

CVE-2002-0192 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0193, CVE-2002-1564. Reason: This candidate was published with a description that identified a different vulnerability than what was identified in the original authoritative ...
55 years ago Tenable.com

CVE-2016-1857 - WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than ...
5 years ago

CVE-2016-1856 - WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than ...
5 years ago

CVE-2016-1855 - WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than ...
5 years ago

CVE-2016-1854 - WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than ...
5 years ago

CVE-2006-1854 - ** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in BluePay Manager 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML during a login action via the (1) Account Name and (2) Username field. NOTE: the ...
16 years ago

CVE-2010-1854 - Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the id_auk parameter, which is not properly handled in a forced SQL error message. ...
14 years ago

CVE-2021-1854 - A call termination issue with was addressed with improved logic. This issue is fixed in iOS 14.5 and iPadOS 14.5. A legacy cellular network can automatically answer an incoming call when an ongoing call ends or drops. . ...
3 years ago

CVE-2013-1981 - Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) ...
8 years ago

CVE-2004-1854 - Buffer overflow in the logging function in Picophone 1.63 and earlier allows remote attackers to execute arbitrary code via a large packet. ...
7 years ago

CVE-2005-1854 - Unknown vulnerability in apt-cacher in Debian 3.1, related to "missing input sanitising," allows remote attackers to execute arbitrary commands on the caching server. ...
7 years ago

CVE-2007-1854 - Unspecified vulnerability in Hitachi Cosminexus Component Container 07-00 through 07-00-10, and 07-10 through 07-10-03, as used in uCosminexus Application Server Enterprise and Standard; uCosminexus Service Platform; uCosminexus Developer Standard ...
7 years ago

CVE-2008-1854 - Unspecified vulnerability in SmarterMail Web Server (SMWebSvr.exe) in SmarterMail 5.0.2999 allows remote attackers to cause a denial of service (service termination) via a long HTTP (1) GET, (2) HEAD, (3) PUT, (4) POST, or (5) TRACE request. NOTE: ...
7 years ago

CVE-2009-1854 - Million Dollar Text Links 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the userid cookie to 1. ...
7 years ago

CVE-2014-1854 - SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5 and AdRotate Free plugin 3.9 through 3.9.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter. ...
6 years ago

CVE-2012-1854 - Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications (VBA); and Summit Microsoft Visual Basic for Applications SDK allows local users to gain ...
6 years ago

CVE-2019-1854 - A vulnerability in the management web interface of Cisco Expressway Series could allow an authenticated, remote attacker to perform a directory traversal attack against an affected device. The vulnerability is due to insufficient input validation on ...
5 years ago

CVE-2011-1854 - Use-after-free vulnerability in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long syslog packet, related to an exception handler. ...
5 years ago

CVE-2022-1854 - Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. ...
2 years ago

CVE-2015-1854 - 389 Directory Server before 1.3.3.10 allows attackers to bypass intended access restrictions and modify directory entries via a crafted ldapmodrdn call. ...
1 year ago

CVE-2013-1854 - The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attackers to cause a denial of service via crafted input ...
1 year ago

CVE-2023-1854 - A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate Tracer System 1.0. Affected is an unknown function of the file admin/. The manipulation leads to session expiration. It is possible to launch the attack ...
1 year ago

CVE-2017-1854 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
55 years ago Tenable.com

CVE-2024-1854 - The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blockId parameter in all versions up to, and including, 4.5.1 due to insufficient input ...
9 months ago Tenable.com

Latest Cyber News

CVE-2025-22214 - 22 hours ago
CVE-2024-56829 - 22 hours ago
CVE-2025-0168 - 1 day ago
CVE-2024-11846 - 1 day ago
CVE-2024-56020 - 2 days ago
CVE-2024-56021 - 2 days ago
CVE-2024-23436 - 2 days ago
CVE-2024-23437 - 2 days ago
CVE-2024-23438 - 2 days ago
CVE-2024-23420 - 2 days ago
CVE-2024-23421 - 2 days ago
CVE-2024-23422 - 2 days ago
CVE-2024-23423 - 2 days ago
CVE-2024-23424 - 2 days ago
CVE-2024-23425 - 2 days ago
CVE-2024-23426 - 2 days ago
CVE-2024-23427 - 2 days ago
CVE-2024-23428 - 2 days ago
CVE-2024-23429 - 2 days ago
CVE-2024-23430 - 2 days ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-11846 - 1 day ago
CVE-2025-0168 - 1 day ago
CVE-2024-56829 - 22 hours ago
CVE-2025-22214 - 22 hours ago
CVE-2024-45497 - 2 days ago
CVE-2024-13067 - 2 days ago
CVE-2024-49422 - 2 days ago
CVE-2024-56211 - 2 days ago
CVE-2024-56212 - 2 days ago
CVE-2024-56213 - 2 days ago
CVE-2024-56214 - 2 days ago
CVE-2024-56216 - 2 days ago
CVE-2024-56218 - 2 days ago
CVE-2024-56220 - 2 days ago
CVE-2024-56222 - 2 days ago
CVE-2024-56229 - 2 days ago
CVE-2024-56230 - 2 days ago
CVE-2024-56232 - 2 days ago
CVE-2024-12105 - 2 days ago
CVE-2024-12106 - 2 days ago