LiveActive security incident?Get immediate response
CVE archive

July 2001

Browse CVE records published in July 2001, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 131 matching CVEs · Page 2 of 3.

Unknown · CVSS Not scored

CVE-2001-1524: Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject ar...

Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) uname parameter in user.php, (2) ttitle, letter and file parameters in modules.php, (3) subject, story and storyext parameters in submit.php, (4) upload parameter in admin.php and (5) fname parameter in friend.php.

Published Jul 14, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-1567: Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and view Not...

Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and view Notes database files and possibly sensitive Notes template files (.ntf) via an HTTP request with a large number of "+" characters before the .nsf file extension, which are converted to spaces by Domino.

Published Jul 14, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-0597: Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and earlier for the PalmOS allows a local...

Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and earlier for the PalmOS allows a local attacker to recover passwords via a brute force attack. This attack is made feasible by STRIP's use of SysRandom, which is seeded by TimeGetTicks, and an implementation flaw which vastly reduces the password 'search space'.

Published Jul 27, 2001 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-0572: The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses...

The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password guessing, (2) whether RSA or DSA authentication is being used, (3) the number of authorized_keys in RSA authentication, or (4) the lengths of shell commands.

Published Jul 27, 2001 · Updated Aug 8, 2024