Dokeos is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.
CommunityPortals is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker can exploit this issue to have malicious PHP code execute in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.
Google Earth is prone to a buffer-overflow vulnerability because the application fails to properly verify the size of user-supplied data before copying it into an insufficiently sized process buffer. This issue allows remote attackers to execute arbitrary machine code in the context of the user running the affected application. Failed exploit attempts will likely crash applications, denying service to legitimate users.
gcards is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker can exploit this issue to have malicious PHP code execute in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.
MySQLDumper is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to execute attacker-supplied script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Tagit2b is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker can exploit this issue to have malicious PHP code execute in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.
BlueShoes Framework is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
Softerra PHP Developer Library is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
Album Photo Sans Nom is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
IronWebMail is prone to a remote information-disclosure vulnerability because the application fails to properly sanitize user-supplied input. Exploiting this issue allows remote, unauthenticated attackers to retrieve the contents of arbitrary files from vulnerable computers with the privileges of the webserver process. Information harvested may aid in further attacks.
Services By CQR