Biba Selenium Web Server is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may lead to other attacks.
Dragon Event Listing is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, exploit vulnerabilities in the underlying database implementation, and gain unauthorized access to the affected application.
Helm is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
High Performance Computers Solutions Shopping Cart is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
CandyPress Store is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
CandyPress Store is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
Teamtek Universal FTP Server 1.0.50 is prone to multiple remote denial-of-service vulnerabilities because the application fails to handle exceptional conditions. An attacker can exploit these issues to crash the affected application, denying service to legitimate users.
Links and ELinks are prone to a remote command-execution vulnerability because the applications fail to properly process website data containing 'smb' commands. An attacker can exploit this issue to execute arbitrary 'smb' commands on a victim computer. This may help the attacker compromise the application and the underlying system; other attacks are also possible.
Conxint is prone to multiple directory-traversal vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow a remote attacker to access any file on the affected webserver.
MGinternet Property Site Manager is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit these issues to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
Services By CQR