Efkan Forum is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
Xt-News is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit these issues to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
Xt-News is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit these issues to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
WikiReader is prone to a local buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input data to an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application; failed exploit attempts will result in a denial-of-service condition.
The 'a-blog' application is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
FTPRush is prone to a local buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input data to an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in denial-of-service conditions.
Calacode @Mail is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute arbitrary script code in the victim's browser, in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible. An attacker can exploit this issue by creating an email message containing malicious script code and sending it to a user of the vulnerable application.
PHPBuilder is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. A remote attacker could exploit this vulnerability to reveal the contents of files that contain sensitive information that could aid in further attacks against the affected computer.
Oracle Portal is prone to multiple HTTP response-splitting vulnerabilities because the application fails to properly sanitize user-supplied input. A remote attacker may exploit these vulnerabilities to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust.
TYPO3 is prone to multiple vulnerabilities that allow attackers to execute arbitrary commands. This issue occurs because the application fails to properly sanitize user-supplied data. Exploiting these issues allows unauthenticated attackers to execute arbitrary system commands with the privileges of the application.
Services By CQR