Kayako SupportSuite is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
IpManager is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
All In One Control Panel (AIOCP) is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, access or modify sensitive data, execute arbitrary script code in the context of the application, compromise the application and possibly exploit latent vulnerabilities in the underlying system; other attacks are also possible.
All In One Control Panel (AIOCP) is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, access or modify sensitive data, execute arbitrary script code in the context of the application, compromise the application and possibly exploit latent vulnerabilities in the underlying system; other attacks are also possible.
The America Online ICQ ActiveX Control is prone to a remote code-execution vulnerability. An attacker could exploit this issue simply by sending a message to a victim ICQ user. Successful exploits could allow the attacker to execute arbitrary code. The ICQPhone.SipxPhoneManager ActiveX control with the following CLSID is affected: 54BDE6EC-F42F-4500-AC46-905177444300
Xoops is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The '@cid stats' program is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
The Linux kernel is prone to a local denial-of-service vulnerability. This issue affects the code that handles the ISO9660 filesystem. An attacker can exploit this issue to crash the affected computer, denying service to legitimate users.
Sun Solaris 10 is prone to a local denial-of-service vulnerability. This issue affects the UFS filesystem-handling code. An attacker can exploit this issue to crash the affected computer, denying service to legitimate users. Solaris 10 on the ia32/x86 architecture has been reported vulnerable; previous versions may be affected as well, but Symantec has not confirmed this.
PHPKIT is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
Services By CQR