phpbb-auction module is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Neslo Desktop Rover is prone to a remote denial of service. Reports indicate that the software will crash when a malformed packet is processed on TCP port 61427. A remote attacker may exploit this condition crash the software and effectively deny service for legitimate users.
PHP Labs proFile is prone to a cross-site scripting vulnerability. As a result, attackers may embed hostile HTML and script code in a malicious link to the affected application. If the link is followed, the code may be rendered by the victim's browser in the context of the vulnerable site. Exploitation could allow theft of cookie-based authentication credentials or other attacks.
Ocean12 Calendar Manager is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Netref is vulnerable to a remote PHP script injection vulnerability due to a failure of the application to sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary PHP script code in the context of an affected Web server, facilitating a compromise of the host computer.
EcommProV3 is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Logwatch is prone to a denial of service vulnerability in the secure script. This issue may be exploited by a local attacker who can inject a malicious string into a log file, causing a denial of service condition. As a result, the utility may not detect subsequent malicious activity.
CityPost Simple PHP Upload is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'simple-upload-53.php' script. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
CityPost Image Cropper/Resizer is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'image-editor-52.php' script. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
CityPost PHP LNKX is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'message.php' script. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Services By CQR