Xtreme ASP Photo Gallery is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues and an HTML-injection issue because the application fails to properly sanitize user-supplied input. Successful exploits of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, or even exploit vulnerabilities in the underlying database implementation. Other attacks are also possible.
phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could exploit these vulnerabilities to view sensitive information or to have arbitrary script code execute in the context of the affected site, which may allow the attacker to steal cookie-based authentication credentials or change the way the site is rendered to the user. Data gained could aid in further attacks.
Image gallery with Access Database is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
Image Gallery with Access Database is prone to multiple SQL injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
Sphpblog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker to steal cookie-based authentication credentials and to launch other attacks.
Odysseus Blog is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker to steal cookie-based authentication credentials and launch other attacks.
BlogTorrent Preview is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The i-gallery application is prone to multiple-input validation vulnerabilities, including multiple cross-site scripting vulnerabilities and an HTML-injection issue, because the software fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.
Hot Links is prone to an information-disclosure vulnerability because it fails to authenticate the user during specific download requests. An attacker can exploit this issue to retrieve administrative backup files. Information obtained may aid in further attacks.
ASPIntranet is prone to multiple SQL-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
Services By CQR