WowBB is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
PwsPHP is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
PwsPHP is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
CodeThatShoppingCart is reportedly affected by multiple input validation vulnerabilities. These issues may allow remote attackers to carry out cross-site scripting and SQL injection attacks. An attacker may also potentially disclose sensitive data.
It is reported that Positive Software H-Sphere Winbox stores user account information in plaintext in application log files. As a result, user credentials could be exposed to other local users who have permission to access the log files.
PHP Nuke is prone to an input validation vulnerability. Reports indicate the script fails to correctly identify potentially dangerous characters when the characters are double hex-encoded (i.e. %25%41 == %41 == A). A remote attacker may exploit this issue to bypass PHP Nuke protections and exploit issues that exist in the underlying PHP Nuke installation.
AOL Instant Messenger is reported prone to a remote denial of service vulnerability. The issue manifests when the affected client application handles a chat invitation, a file transfer, or a game request that contains 'smiley' HTML code that passes invalid data as the location of the 'smiley' icon. Reports indicate that the issue manifests because of a buffer overflow condition; this, however, is not confirmed. A remote attacker may leverage this condition to crash a target AOL Instant Messenger client. Other attacks may also be possible.
Orenosv HTTP/FTP server is prone to a remote buffer overflow vulnerability that affects 'cgissi.exe'. This issue presents itself when the application handles excessive values supplied through an SSI command name. A successful attack can result in memory corruption and can be leveraged to cause a denial of service condition or arbitrary code execution. Arbitrary code execution can result in a remote compromise in the context of the server.