BlogPHP is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
NewsPHP is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
MailSite is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
WebspotBlogging is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
BitComet is prone to a buffer-overflow vulnerability. This issue presents itself when the application attempts to process a malformed '.torrent' file. Exploitation of this issue could allow attacker-supplied machine code to be executed in the context of the affected application. BitComet 0.60 is reportedly vulnerable. Other versions may be affected as well.
saralblog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, or the theft of cookie-based authentication credentials, and could possibly permit an attacker to control how the site is rendered to the user. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks. The following proof-of-concept URI is available for some of the SQL injection issues: http://www.example.com/viewprofile.php?id=999%20union%20select%201,2,3,4,5,6,7/* The following input can also be supplied to the search parameter: aaaaa') union select 1,2,3,4,5,6/*
Eggblog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, or the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.
Dual DHCP DNS Server is prone to a remote buffer overflow vulnerability. The vulnerability presents itself when the server handles excessive data through the DHCP options field. Successful exploitation can allow attackers to trigger a denial of service condition or execute arbitrary code to gain unauthorized remote access in the context of the affected server.
phpXplorer is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the Web server process. Information obtained may aid in further attacks; other attacks are also possible.
AOblogger is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could allow an attacker to compromise the application; access, modify, or create data; and steal cookie-based authentication credentials. An attacker may also be able to exploit vulnerabilities in the underlying database implementation and to launch other attacks.