Warrior Kings: Battles is susceptible to a remote denial of service vulnerability. This is due to a failure of the game server to properly handle exceptional conditions. This vulnerability allows remote attackers to crash affected game servers, denying access to legitimate users.
Warrior Kings, and Warrior Kings: Battles are vulnerable to a remote format string vulnerability. This issue is due to a failure of the application to securely implement a formatting printing function. This vulnerability allows remote attackers to crash affected game servers. Due to the nature of this vulnerability, it is also likely that attackers may cause arbitrary machine code to be executed in the context of the affected game server.
PortailPHP is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
gEdit is prone to a format-string vulnerability. Exploitation may occur when the program is invoked with a filename that includes malicious format specifiers. Attackers could exploit this issue to corrupt arbitrary regions of memory with attacker-supplied data, potentially resulting in the execution of arbitrary code in the context of the user running the program.
Picasm is affected by a remote buffer overflow vulnerability. An attacker can exploit this issue by supplying an excessive 'error' directive. If successfully exploited, this issue can allow a remote attacker to gain access to the affected computer in the context of the user running the application.
PHP Advanced Transfer Manager is prone to an arbitrary file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.
The MimeMessage method in the Sun JavaMail API does not perform sufficient validation on message number values that are passed to the method during requests. An attacker that can successfully authenticate to an email server implementation that is written using the Sun JavaMail API, may exploit this issue to make requests for arbitrary email messages that are stored on the server.
Various D-Link DSL routers are susceptible to a remote authentication bypass vulnerability. This issue is due to a failure of the devices to require authentication in certain circumstances. This vulnerability allows remote attackers to gain complete administrative access to affected devices.
Help Center Live is prone to multiple input validation vulnerabilities due to a failure in the application to properly sanitize user-supplied input. Attacker-supplied HTML and script code would be able to access properties of the site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Wordpress is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Services By CQR