CVE-2002-0705
- EPSS 2.45%
- Veröffentlicht 10.10.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:57:58
The Web Reports Server for SurfControl SuperScout WebFilter stores the "scwebusers" username and password file in a web-accessible directory, which allows remote attackers to obtain valid usernames and crack the passwords.
CVE-2002-0706
- EPSS 0.98%
- Veröffentlicht 10.10.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:57:58
UserManager.js in the Web Reports Server for SurfControl SuperScout WebFilter uses weak encryption for administrator functions, which allows remote attackers to decrypt the administrative password using a hard-coded key in a Javascript function.
- EPSS 1.81%
- Veröffentlicht 10.10.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:57:59
The Web Reports Server for SurfControl SuperScout WebFilter allows remote attackers to cause a denial of service (CPU consumption) via large GET requests, possibly due to a buffer overflow.
- EPSS 3.49%
- Veröffentlicht 10.10.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:57:59
Directory traversal vulnerability in the Web Reports Server for SurfControl SuperScout WebFilter allows remote attackers to read arbitrary files via an HTTP request containing ... (triple dot) sequences.
CVE-2002-0709
- EPSS 1.14%
- Veröffentlicht 10.10.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:57:59
SQL injection vulnerabilities in the Web Reports Server for SurfControl SuperScout WebFilter allow remote attackers to execute arbitrary SQL queries via the RunReport option to SimpleBar.dll, and possibly other DLLs.