LinksCaffe is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, or even exploit vulnerabilities in the underlying database implementation. Other attacks are also possible.
LinksCaffe is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, or even exploit vulnerabilities in the underlying database implementation. Other attacks are also possible.
AGEphone is prone to a remote buffer-overflow vulnerability. Specifically, this issue presents itself when the application handles a malicious SIP (Session Initiation Protocol) packet. Two malicious SIP packets have been identified, one with approximately 68 bytes and the other with approximately 48 bytes.
Prince Clan Chess Club for Mambo is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and to gain access to the underlying system.
Microsoft Windows is reportedly prone to a remote denial-of-service vulnerability. This issue may be due to the operating system's failure to properly handle unexpected network traffic. This issue may cause affected computers to crash, denying service to legitimate users.
MusicBox is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful attack could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
Multiple Rad Scripts products are prone to an authentication-bypass vulnerability. These issues occur because the applications fail to prevent an attacker from accessing admin scripts directly without requiring authentication. A remote attacker can exploit these issues to perform administrative functions without requiring authentication. For example, the attacker may be able to overwrite existing files on the vulnerable computer in the context of the webserver process.
Vanilla is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.
GnuPG is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. This issue may allow remote attackers to execute arbitrary machine code in the context of the affected application, but this has not been confirmed.
Chameleon LE is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks.
Services By CQR