Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site, which may facilitate the theft of cookie-based authentication credentials as well as other attacks.
A remote unauthorized user can disclose the contents of arbitrary local files through the use of directory traversal strings '../' relative to the Web application's root path. Exploitation of this vulnerability could lead to a loss of confidentiality.
Comdev eCommerce is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.
Portail PHP is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. The consequences of this attack may vary depending on the type of queries that can be influenced, and the implementation of the database.
NetworkActiv Web Server is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Naxtor E-directory is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation results in gaining full administrative access within the context of the affected application. A proof of concept is available: User ID: admin; Password: 'or '='
Naxtor E-directory is prone to a cross-site scripting vulnerability due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to inject HTML and script code into the web browser of an unsuspecting victim. The attacker may then steal cookie-based authentication credentials.
Web content management is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Karrigell is susceptible to an arbitrary Python command execution vulnerability. This issue is due to a design flaw that allows remote attackers to execute Python commands that they are not intended to have access to. Attackers may exploit this vulnerability to execute arbitrary Python commands in the context of the Web server hosting the Karrigell framework. This allows remote malicious users to cause denial of service conditions, create or overwrite arbitrary files, and likely compromise the hosting computer.