CPAINT is prone to an input validation vulnerability. This issue occurs because the application fails to properly sanitize malicious scripts and requests from user-supplied input. Successful exploitation of this vulnerability could lead to a compromise of the server running the affected application. Other attacks are also possible.
ECW Shop is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. The consequences of this attack may vary depending on the type of queries that can be influenced, and the implementation of the database.
PersianBlog is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
My Image Gallery is prone to multiple cross-site scripting vulnerabilities due to improper sanitization of user-supplied input. An attacker can exploit these vulnerabilities to inject html and script code into the Web browser of an unsuspecting victim. The attacker may then steal cookie-based authentication credentials. Other attacks are also possible.
Apple Mac OS X Weblog Server is prone to cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
MyBulletinBoard is prone to multiple SQL injection vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. Reports indicate an attacker can exploit at least one of these vulnerabilities to gain administrative access to the affected application.
VegaDNS is vulnerable to cross-site scripting attacks due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Winterm 1125SE is affected by a remote denial of service vulnerability. This issue is due to the application failing to handle exceptional conditions in a proper manner. The problem occurs when processing packets with malformed IP headers. A successful attack causes the application to crash, denying service to legitimate users.
PHPTB is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. The consequences of this attack may vary depending on the type of queries that can be influenced, and the implementation of the database.
ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.
Services By CQR