bbsNew is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process.
DanPHPSupport is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may allow an attacker to steal cookie-based authentication credentials and to launch other attacks.
Call of Duty server is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Exploiting this issue may allow remote attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions.
WWWThreads is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Opial Audio/Visual Download Management is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Photostore is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may allow an attacker to steal cookie-based authentication credentials and to launch other attacks.
Photostore is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may allow an attacker to steal cookie-based authentication credentials and to launch other attacks.
toendaCMS is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to access sensitive information that could aid in further attacks.
A remote attacker can exploit this issue to gain administrative access to the affected application. This may lead to other attacks.
This exploit uses the Run method of the LunchApp.APlunch ActiveX control to execute arbitrary commands. The control is marked as safe for scripting, so no user interaction is required to exploit this vulnerability.
Services By CQR