The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,669 vulnerabilities with CWE-20
CVE-2003-1405
DotBr 0.1 - Remote Command Execution via cmd Parameter
CVE-2003-1416
BisonFTP Server 4 - Denial of Service via Long LS or CWD Command
CVE-2003-1419
Netscape Navigator 7.0 - Denial of Service via Invalid Regular Expression in reformatDate
CVE-2003-1425
cPanel 5.0 - Remote Code Execution via Guestbook.cgi Template Parameter
CVE-2003-1440
SpamProbe 0.8a - Denial of Service via Newline in HTML href Tag
CVE-2003-1441
Posadis 0.50.4-0.50.8 - Denial of Service via DNS Message Without Question Section
CVE-2003-1443
Kaspersky Anti-Virus 4.0.9.0 - Virus Detection Bypass via MS-DOS Device Name Filename
CVE-2003-1444
Kaspersky Anti-Virus 4.0.9.0 - Denial of Service via Long Pathname
CVE-2003-1450
BitchX 75p3 and 1.0c16-1.0c20cvs - Denial of Service via Malformed RPL_NAMREPLY Message
CVE-2003-1456
album.pl < 6.1 - Remote Command Execution via Alternative Configuration File
CVE-2003-1463
Alt-N WebAdmin 2.0.0-2.0.2 - Authenticated Absolute Path Traversal via Name Parameter
CVE-2003-1471
MDaemon <= 6.0.7 - Authenticated Denial of Service via Negative DELE or UIDL Command
CVE-2003-1485
Clearswift MAILsweeper 4.0-4.3.7 - Filter Bypass via Multiple Extensions with Whitespace
CVE-2003-1487
Phorum 3.4-3.4.2 - Remote Command Injection via UserAdmin, Edit Profile, or Stats Program
CVE-2003-1488
Truegalerie 1.0 - Unauthenticated Administrator Access via Admin Parameter Manipulation
CVE-2003-1490
SonicWall Pro - Denial of Service via Long HTTP POST to Internal Interface
CVE-2003-1538
SuSE Linux susehelp - Remote Command Execution via CGI Query Shell Metacharacter Injection
CVE-2003-0795
Zebra <= 0.93b - Denial of Service via Malformed Telnet Command
CVE-2003-0567
Cisco IOS 11.x and 12.0-12.2 - Denial of Service via IPv4 Packet Sequence
CVE-2003-0367
znew in gzip - Local Privilege Escalation
CVE-2002-2444
CRITICAL
snoopy - Remote Code Execution via exec cURL
CVSS 9.8
CVE-2002-2443
MIT Kerberos 5 < 1.11.3 - Denial of Service via Forged UDP Packet
CVE-2002-2433
Novell NetWare FTP Server < 5.03b - Authenticated Denial of Service via ABOR Command
CVE-2002-2429
GoAhead WebServer < 2.1.4 - Denial of Service via Negative Content-Length Header
CVE-2002-2428
GoAhead WebServer < 2.1.4 - Denial of Service via Empty POST Body
Details
Vulnerabilities
12,669
Exploit Likelihood
High