Gaim is prone to multiple vulnerabilities affecting the AIM and ICQ protocols. These issues may allow remote attackers to trigger a buffer overflow or a denial-of-service condition.
Apple Safari Web Browser is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs certain JavaScript operations. The exact cause of this issue is currently unknown. This vulnerability allows remote attackers to crash affected Web browsers by causing an invalid memory access exception.
TClanPortal is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
FunkBoard is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Chipmunk CMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to inject html and script code into the Web browser of an unsuspecting victim. The attacker may then steal cookie-based authentication credentials. Other attacks are also possible.
Calendar Express is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Calendar Express is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
Calendar Express is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
Gravity Board X (GBX) is affected by an unauthorized access vulnerability. This issue is due to a failure in the application to perform proper access validation before granting access to privileged functions. An attacker can exploit this vulnerability and modify an existing CSS template to include arbitrary PHP code. The attacker can then call the stored template and have the malicious PHP code executed in the context of the Web server process. This may aid the attacker in further attacks against the underlying system.
A vulnerability exists in trawler version 1.8.1 which allows an attacker to include remote files via the 'path_red2' and 'path_scr_dat2' parameters in multiple scripts. This can be exploited to execute arbitrary PHP code by including a malicious file from a remote location.
Services By CQR