Koobi CMS is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Double Choco Latte is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting/HTML injection attacks and execute arbitrary PHP code on a computer. Double Choco Latte 0.9.4.3 is reported vulnerable to the cross-site scripting/HTML injection issue. Double Choco Latte 0.9.4.2 and prior versions are affected by the PHP code execution issue.
Microsoft Windows XP is prone to a remote denial of service vulnerability. This issue can allow a remote unauthorized user to shutdown an affected computer. A remote attacker uses the TSShutdn.exe command to restart or shutdown a computer. It should be noted that the exploitation of this vulnerability may require the attacker to be part of the same domain.
Invision Power Board is reported prone to an HTML injection vulnerability. This issue arises due to insufficient sanitization of user-supplied data. It is reported that due to a lack of filtering of HTML tags, an attacker can inject an IFRAME through an HTTP POST request.
phpSysInfo is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
phpSysInfo is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
DigitalHive is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Interspire ArticleLive 2005 is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Vortex Portal is reportedly affected by a remote PHP file include vulnerability. This issue is due to a failure in the application to properly sanitize user supplied input. It is conjectured this vulnerability affects the latest release of Vortex Portal, version 2.0.
It is reported that Microsoft Windows XP Service Pack 1 is prone to a local denial of service vulnerability. The issue is reported to manifest when a raw IP over IP socket is created and data is transferred over the newly created socket. It is reported that this operation causes the kernel of the Windows computer to crash, resulting in the computer rebooting. If this issue can be triggered reliably, a local attacker may exploit the issue to deny service for legitimate users.
Services By CQR