ASPNuke is prone to an HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent how Web content is served, cached or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust.
ASPNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
CSV_DB.CGI/i_DB.CGI are affected by a remote command execution vulnerability. Specifically, an attacker can supply arbitrary commands prefixed with the '|' character through the 'csv_db.cgi' script that will be executed in the context of the Web server running the application. CSV-DB 1.00 is affected by this issue.
UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
Sun Solaris traceroute is affected by multiple local buffer overflow vulnerabilities. These vulnerabilities present themselves when the application handles excessive data supplied through command line arguments. These issue are reported to affect /usr/sbin/traceroute running on Sun Solaris 10. Some reports indicate that this issue cannot be reproduced. It is also reported that this issue is only exploitable on the Solaris x86 platform.
Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks.
Easynews doesn't properly check to ensure an administrator has been logged in with correct username and password information, it only checks if $admin[$en_login_id] == 'true'. Tested and working on version 4.4.0 and 4.4.1 (previous versions may also be affected) with register_globals = On, after bypassing the login check administrators have the option to edit config2.php (PHP code can be inserted then executed by visiting config2.php directly or any other script that includes config2.php) and other general settings.
Whois.Cart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
WhatsUp Professional is prone to an SQL injection vulnerability affecting its Web-based front end. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp' script before using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. It should be noted that by supplying a 'or' value through the 'password' parameter, an attacker can gain unauthorized access to an affected site.
DUclassmate is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
Services By CQR