Oracle Database server is reported to be vulnerable to multiple directory traversal vulnerabilities that may allow a remote attacker to read, write, or rename arbitrary files with the privileges of the Oracle Database server. This is due to a lack of sufficient input validation performed on filenames and paths passed to file processing functions, and may allow a malicious SQL query to traverse outside of a directory that is described in an Oracle directory object. Examples of malicious SQL queries are provided in the text.
Hosting Controller is reported prone to multiple information disclosure vulnerabilities. These issues can allow an attacker to disclose sensitive information, which may be used to carry out further attacks against a computer. An attacker can access a sensitive file to enumerate domain names of all hosted domains. Another issue affecting the application may allow remote users to disclose an administrator's email address.
phpWebLog is prone to remote file include vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input prior to using it in a PHP 'include_once()' function call. An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.
An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.
A remote buffer overflow vulnerability affects JoWood Chaser. This issue is due to a failure of the application to securely copy user-supplied input into finite process buffers. An attacker may leverage this issue to execute arbitrary code in affected clients or trigger a denial of service condition in affected servers.
Ca3DE is reported prone to multiple remote vulnerabilities. An attacker can exploit these issues to carry out format string and denial of service attacks. It is reported that all commands accepted by the server are affected by format string vulnerabilities. A successful attack may result in crashing the application or lead to arbitrary code execution. This may facilitate unauthorized access or privilege escalation in the context of the application. The application is also affected by a remote denial of service vulnerability.
Download Center Lite is reportedly affected by an arbitrary remote PHP file include vulnerability. This issue is due to the application failing to properly sanitize user supplied input. This vulnerability affects Download Center Lite version 1.5; earlier versions may also be affected.
Multiple browsers are reported prone to an information disclosure weakness. This issue can allow an attacker to determine information such as the location of files, file names and user names on a vulnerable computer. Information gathered through the exploitation of this weakness may aid in other attacks against the computer. This weakness has been identified in Microsoft Internet Explorer, Mozilla Firefox, and Opera. Server-side Perl CGI (ask.cgi) and client-side FORM are used to exploit this vulnerability.
CProxy is reported prone to a remote directory traversal vulnerability. This issue arises due to insufficient sanitization of user-supplied data. A remote user may exploit this issue to disclose arbitrary files and carry out a denial of service condition. It is reported that an attacker can simply issue an HTTP GET request including directory traversal sequences to carry out this attack.
Typo3 'cmw_linklist' extension is affected by a remote SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in a SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. Gulftech Security Research has supplied the following additional proof of concepts: A test for vulnerability: http://www.example.com/[path]/?&action=getviewcategory&category_uid=-99%20UNION%20SELECT%20username%20FROM%20be_users%20WHERE%20uid=1/* Lists user names and categories: http://www.example.com/[path]/?&action=getviewcategory&category_uid=-99%20UNION%20SELECT%20username,null%20FROM%20be_users%20WHERE%201/*
Services By CQR