Stronghold 2 is affected by a remote denial of service vulnerability. The issue arises when the game server handles a specially crafted packet.
India Software Solution Shopping Cart is prone to an SQL injection vulnerability. This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.
ServersCheck is affected by a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to disclose arbitrary files on an affected computer in the context of the affected application. This may aid in further attacks against the underlying system.
Hosting Controller is reported to be prone to multiple vulnerabilities, which can allow an attacker to gain unauthorized access to data and carry out SQL injection attacks. These issues reportedly affect Hosting Controller 6.1 HotFix 2.0 and prior versions.
An attacker can send an email message with a malformed header field to initiate an infinite loop in the application. This eventually leads to a crash due to resource exhaustion.
os4e is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp' script before using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of authentication credentials, destruction or disclosure of sensitive data, and potentially other attacks.
Reportedly, a moderator can edit forum posts owned by other moderators through an HTTP GET request without providing sufficient authentication credentials.
JAWS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'Glossary' module. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Simplog 0.9.3.1 is prone to a remote SQL injection vulnerability. Exploitation requires that at least one blog entry exist before the injection. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server. This will allow the attacker to gain access to the login credentials of the administrator.