A vulnerability exists in the JavascriptMath::MaxInAnArray optimization method, which takes the original method 'Math.max' as the first parameter and the arguments object as the second parameter. If the arguments object can't be handled by the method, it explicitly calls the original method 'Math.max'. However, it doesn't check if the property 'Math.max' has changed, so a user defined JavaScript function can be called without updating 'ImplicitCallFlags'.
Gespage is a web solution providing a printer portal. The web application does not properly filter several parameters sent by users, allowing authenticated SQL code injection (Stacked Queries - comment). These vulnerabilities could allow attackers to retrieve / update data from the database through the application.
Max Web Portal is vulnerable to Cross-Site Scripting (XSS) attacks and Hidden Form Field Weakness. An attacker can exploit the XSS vulnerability by entering malicious code into the search utility. The Hidden Form Field Weakness can be exploited by adding certain fields to the form which can be used to deface the website or send private messages to all members of the website.
MegaBrowser HTTP server is vulnerable to a directory traversal vulnerability which allows access to any file on the system as well as directory viewing of the root web directory. While not as serious as the previously mentioned vuln, this still poses a threat as it may allow an attacker to harvest a list of valid FTP usernames on the system.
WinMX 2.6 is an older version of the popular file sharing client WinMX. While the current version is 3.31, 2.6 still remains quite popular. Especially amongst users on private networks. The problems with WinMX 2.6 is that it provides pretty much NO password protection. This can be exploited both locally and remotely. Locally, one can edit a particular server, and upon doing so the username and pass are presented in plaintext, and the other way is to open the nservers.dat file in the WinMX directory. Remotely, the passwords are encrypted by such servers as SlavaNap etc, but they are passed to the server in plaintext, so any malicious server owner with a packet sniffer can exploit this vuln.
phpLinks is prone to HTML injection due to a vulnerability in the search feature. Search queries are not sufficiently sanitized of HTML and script code. These search queries may potentially be displayed to other users when the most popular searches are viewed. If an attacker includes malicious HTML or script code in these queries, it is possible that the attacker-supplied code may be rendered in the web client software of other users. phpLinks does not sufficiently sanitized HTML and script code supplied via form fields before displaying this data to administrative users. This issue exists in the 'add.php' script, which is used to add sites to the phpLinks system. As a result, an attacker may cause malicious HTML and script code to be executed in the web client of an administrative user who reviews attacker-supplied data submitted when a site is added.
The application allows users to upload files to the server without any restrictions. An attacker can upload malicious files to the server and execute arbitrary code on the device. The application contains a hard coded backdoor that allows an attacker to gain unauthorized access to the device. The application is vulnerable to cross site request forgery attacks, command injection attacks, denial of service attacks, and information disclosure attacks. The application contains code that has been reused from other applications.
The vulnerability is a hard coded backdoor within the cgi binary '/cgibin/webproc'. This backdoor allows an attacker to execute arbitrary commands as root without authentication.
Services By CQR