Apache Tomcat is prone to an information-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to reveal a complete directory listing from any directory. Information obtained may aid in further attacks. Reports indicate that this issue may also allow attackers to obtain the source code of script files.
Advanced Poll is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to cause an arbitrary remote file containing malicious script code to execute in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system. Other attacks are also possible.
MiniBB is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and access the underlying system.
GeodesicSolutions products are prone to multiple SQL-injection vulnerabilities because the applications fail to properly sanitize user-supplied input before using it in an SQL query. A successful attack could allow an attacker to compromise the software, access or modify data, or exploit vulnerabilities in the underlying database implementation.
GeodesicSolutions products are prone to multiple SQL-injection vulnerabilities because the applications fail to properly sanitize user-supplied input before using it in an SQL query. A successful attack could allow an attacker to compromise the software, access or modify data, or exploit vulnerabilities in the underlying database implementation. Note that these vulnerabilities occur only when the 'accumulative feedback' feature is turned on.
PHPHostBot is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.
PHPLinkExchange is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.
Cisco Security Monitoring, Analysis and Response System (CS-MARS) is prone to a vulnerability that could permit the execution of arbitrary commands. An attacker could exploit this issue to execute arbitrary commands with administrative privileges. This may facilitate a remote compromise of the affected appliance.
Internet Explorer is prone to a denial-of-service vulnerability. An attacker can exploit this vulnerability to crash Internet Explorer and deny service to users.
WinRAR is susceptible to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. This vulnerability allows attackers to execute arbitrary machine code in the context of the affected application. Versions of WinRAR from 3.0 to 3.60 beta 6 are vulnerable to this issue.