LiveActive security incident?Get immediate response
CVE archive

March 2002

Browse CVE records published in March 2002, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 210 matching CVEs · Page 2 of 5.

Unknown · CVSS Not scored

CVE-2002-1495: Cross-site scripting (XSS) vulnerability in JAWmail 1.0-rc1 allows remote attackers to insert arbitrary scr...

Cross-site scripting (XSS) vulnerability in JAWmail 1.0-rc1 allows remote attackers to insert arbitrary script or HTML via (1) attached file names in the Read Mail feature, (2) text/html mails that are displayed in a pop-up window, and (3) certain malicious attributes within otherwise safe tags, such as onMouseOver.

Published Mar 18, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-1499: Multiple SQL injection vulnerabilities in FactoSystem CMS allows remote attackers to perform unauthorized d...

Multiple SQL injection vulnerabilities in FactoSystem CMS allows remote attackers to perform unauthorized database actions via (1) the authornumber parameter in author.asp, (2) the discussblurbid parameter in discuss.asp, (3) the name parameter in holdcomment.asp, and (4) the email parameter in holdcomment.asp.

Published Mar 18, 2003 · Updated Aug 8, 2024