MODxCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Papoo is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
LifeType is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
PowerClan is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
PlanetSearch + is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
phpAlbum is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary remote PHP code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.
The ar-blog application is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Opera is prone to a buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied input before using it in a string-copy operation. This issue allows remote attackers to crash affected web browsers. Due to the nature of this issue, attackers may be able to exploit this issue to execute machine code, but this has not been confirmed.
Amaya is susceptible to multiple remote buffer-overflow vulnerabilities. These issues are due to the application's failure to properly bounds-check user-supplied data before copying it to insufficiently sized memory buffers. Remote attackers may exploit this issue to execute arbitrary machine code in the context of the affected application. Failed exploit attempts likely crash the application.
Adobe Document Server for Reader Extensions, included with Graphics Server and Document Server, is prone to multiple vulnerabilities that may allow remote attackers to perform cross-site scripting attacks, gain access to potentially sensitive information, and bypass security restrictions to gain administrative access to the application. Adobe Document Server for Reader Extensions version 6.0, included with Adobe Graphics Server 2.1 and Adobe Document Server 6.0, is vulnerable; other versions may also be affected.
Services By CQR