Ublog Reload is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Ublog Reload is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
A vulnerability has been reported in Yaws that may result in the disclosure of script files' source code. Information obtained in this manner may be used by the attacker to launch further attacks against a vulnerable system.
osCommerce is prone to multiple HTTP response splitting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit any of these vulnerabilities to influence or misrepresent how Web content is served, cached or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust.
Cool Cafe Chat is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp' script before using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Ultimate PHP Board is prone to a weak password encryption vulnerability. This issue is due to a failure of the application to protect passwords with a sufficiently effective encryption scheme. This issue may allow a malicious user to gain access to user and administrator passwords for the affected application.
Ultimate PHP Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
paFileDB is prone to multiple input validation vulnerabilities, including multiple SQL injection issues and multiple cross-site scripting issues when passing user-supplied arguments to the 'sortby', 'filelist', and 'pages' parameters of the 'pafiledb.php' script. Exploitation of these issues may allow for compromise of the software, session hijacking, or attacks against the underlying database. Additionally, paFileDB is prone to a file disclosure vulnerability when the 'action' parameter of the 'pafiledb.php' script is affected.
McGallery is prone to a file disclosure vulnerability which could let remote attackers access files on the computer in the context of the Web server process.
Adobe Acrobat and Adobe Reader may allow remote attackers to determine the existence of files on a vulnerable computer. This issue can be used to disclose data from a target file as well. Information gathered through the exploitation of this vulnerability may aid in other attacks.
Services By CQR