PostNuke Phoenix is reported prone to an SQL injection vulnerability. This issue arises due to insufficient sanitization of user-supplied input. It is reported that the issue presents itself when malicious SQL syntax is issued to the application through the 'show' variable.
Scrapland game server is reported prone to various denial of service vulnerabilities. These issues present themselves because the application fails to handle exceptional conditions. It is reported that the game server crashes when handling various errors.
This exploit is due to the application failing to properly sanitize user-supplied input during authentication. Exploitation of this vulnerability would permit unauthorized access to any known account including the administrator account.
phpBB is affected by an authentication bypass vulnerability due to the application failing to properly sanitize user-supplied input during authentication. Exploitation of this vulnerability would permit unauthorized access to any known account including the administrator account. The vendor has addressed this issue in phpBB 2.0.13.
A remote buffer overflow vulnerability affects Stormy Studios KNet. This issue is due to a failure of the application to securely copy user-supplied input into finite process buffers. An attacker may leverage this issue to execute arbitrary code on a computer with the privileges of the affected server, facilitating unauthorized access.
Gaim is affected by a denial of service vulnerability during the download of a file. This issue can allow remote attackers to cause an affected client to fail. A vulnerability in the client arises when it tries to download a file with bracket characters '(' ')' in the file name.
CIS WebServer is vulnerable to a directory traversal attack, which allows an attacker to gain read access to files on a host using the vulnerable software. This is done by sending a specially crafted request containing directory traversal strings, such as "../../../windows/repair/sam".
phpWebSite is reported prone to a remote arbitrary PHP file upload vulnerability. The issue presents itself due to a lack of sanitization performed on image files that are uploaded when submitting an announcement. A remote attacker may exploit this condition to execute arbitrary PHP code in the context of the hosting web server process.
Multiple remote input validation vulnerabilities affect PunBB. These issues are due to a failure of the application to sanitize user-supplied input prior to using it to carry out critical functions. An attacker may leverage these issues to have arbitrary SQL queries executed against the database; this may facilitate data corruption or manipulation. Furthermore, one of these issues may be leveraged to trigger a denial of service condition against current users by setting their passwords to a NULL value.
Cyclades AlterPath Manager is a network device designed to facilitate remote administration of all network-accessible infrastructure resources. Multiple remote vulnerabilities affect Cyclades AlterPath Manager. These issues are due to various design errors that affect the overall security of the vulnerable device. An attacker may leverage these issues to gain unauthorized access to network-based resources, to gain escalated privileges and to gain access to potentially sensitive information. It should be noted that although only version 1.1.0 of the software is reported affected by these issues, it is likely earlier versions are affected as well.