XennoBB is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks.
CLUB-Nuke is prone to multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
Simple one-file guestbook is prone to a security-bypass vulnerability. An attacker can bypass authentication measures by using a specific URL to delete all guestbook entries. Version 1.0 of Simple one-file guestbook is vulnerable. Other versions may be affected as well.
phpPrintAnalyzer is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and to gain access to the underlying system.
The Linux kernel is susceptible to a remote denial-of-service vulnerability because the EXT3 filesystem code fails to properly handle unexpected conditions. Remote attackers may trigger this issue by sending crafted UDP datagrams to affected computers that are configured as NFS servers, causing filesystem errors. Depending on the mount-time options of affected filesystems, this may result in remounting filesystems as read-only or cause a kernel panic.
VWar is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.
PHP Simple Shop is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to execute arbitrary malicious PHP code in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.
ClamAV is prone to a heap buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. This issue occurs when the application attempts to handle compressed UPX files. Exploiting this issue could allow attacker-supplied machine code to execute in the context of the affected application. The issue would occur when the malformed file is scanned manually or automatically in deployments such as email gateways.
DConnect Daemon is prone to a denial-of-service vulnerability. This issue occurs because the application fails to handle null-pointer exceptions properly. An attacker can exploit this issue to crash the server, causing a denial-of-service.
DConnect Daemon is prone to a buffer-overflow vulnerability because the library fails to do proper boundary checks before copying user-supplied data into a finite-sized buffer. This issue allows remote attackers to execute arbitrary code within the context of the application or cause the application to crash causing a denial of service.
Services By CQR