WinPT (Windows Privacy Tray) is prone to a key-spoofing vulnerability because it fails to properly display user-supplied key data. An attacker can exploit this issue to trick victim users into encrypting potentially sensitive information with a malicious key that appears to be legitimate.
This exploit is a denial of service (DoS) vulnerability in the Microsoft Windows Workstation Service NetrWkstaUserEnum() function. It allows an attacker to cause a remote system to run out of memory by sending a specially crafted request. The exploit was discovered by h07 and tested on Windows XP SP2 Polish and Windows 2000 SP4 Polish with all Microsoft Security Bulletins.
Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to execute an arbitrary remote file containing malicious script code in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system.
Prototype of an PHP application is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to execute an arbitrary remote file containing malicious script code in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system.
The British Telecommunications Consumer Webhelper ActiveX control is prone to multiple buffer-overflow vulnerabilities because it fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.
Uebimiau is prone to multiple input-validation vulnerabilities, including cross-site scripting issues and an information-disclosure issue, because the application fails to properly sanitize user-supplied input. Attackers can exploit these issues to steal cookie-based authentication credentials, to control how the site is rendered to the user, or to gain access to information that could aid in further attacks.
W�YS is prone to a cross-site scripting vulnerability. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.
Pligg is prone to a security-bypass vulnerability due to a design error when resetting forgotten passwords. An attacker may exploit this issue to reset account passwords for arbitrary users and then compromise a vulnerable application. This can also aid the attacker in further attacks.
rdiffWeb is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the webserver process. Information obtained may aid in further attacks.
This exploit allows a remote attacker to overwrite the system.ini file on a vulnerable system. It is triggered by a malicious user clicking a button on a webpage containing the exploit code. The exploit code is written in VBScript and is triggered by a malicious user clicking a button on a webpage containing the exploit code. The exploit code is written in VBScript and is triggered by a malicious user clicking a button on a webpage containing the exploit code. The exploit code is written in VBScript and is triggered by a malicious user clicking a button on a webpage containing the exploit code. The exploit code is written in VBScript and is triggered by a malicious user clicking a button on a webpage containing the exploit code.
Services By CQR