Multiple HP products are prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain SYSTEM-level privileges, completely compromising affected computers. This issue affects HP products that use the 'PML Driver HPZ12' driver.
RI Blog is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Kerio Personal Firewall is prone to a local privilege-escalation vulnerability. A local attacker could exploit this issue to execute arbitrary machine code with SYSTEM-level privileges. A successful exploit could result in the complete compromise of the affected computer. Versions 4.3.246 and 4.3.268 are vulnerable to this issue; other versions may also be affected.
Mobilelib GOLD is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Oracle Portal is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
A remote denial-of-service vulnerability affects the DB Hub application because of a memory-corruption flaw when the application attempts to process specially crafted network traffic. An attacker may exploit this issue to crash affected applications, denying service to legitimate users.
DMXReady Secure Login Manager is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
Hosting Controller is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to modify or retrieve arbitrary files in the context of the webserver process. This may aid in further attacks.
Services By CQR