PHP-Nuke AutoHTML Module is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit may allow an attacker to execute arbitrary local scripts within the context of the affected application.
Microsoft Internet Explorer is prone to a denial-of-service vulnerability. This issue occurs because the application fails to load a DLL library when instantiated as an ActiveX control. An attacker may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users and may cause arbitrary code to run within the context of the application.
Linux-HA Heartbeat is prone to a remote denial-of-service vulnerability. By successfully exploiting this issue, attackers can crash the master control process. This may result in the failure of services that depend on the application's functionality. An example exploit is provided: perl -e 'print "###2147483647heart attack:%%%"' | nc -u 192.168.1.12 694
Multiple cross-site scripting vulnerabilities affect BlaBla 4U because the application fails to properly sanitize user-supplied input before including it in dynamically generated web content. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The libmusicbrainz library is prone to multiple buffer-overflow vulnerabilities because the application fails to check the size of the data before copying it into a finite-sized internal memory buffer. An attacker can exploit these issues to execute arbitrary code within the context of the application or to cause a denial-of-service condition.
ImageMagick is prone to a remote heap buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. This issue allows attackers to execute arbitrary machine code in the context of applications that use the ImageMagick library.
WP-DB Backup For Wordpress is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks.
The Microsoft Windows Help File viewer (winhlp32.exe) is prone to multiple remote vulnerabilities. These vulnerabilities present themselves when the application handles specially crafted Windows Help (.hlp) files. A successful attack may let the attacker crash the application or execute arbitrary code in the context of a vulnerable user who opens a malicious file.
WEBinsta Mailing List Manager is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.
miniBloggie is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.
Services By CQR