Explore all Exploits:

BibORB Multiple Vulnerabilities

BibORB is reported prone to multiple vulnerabilities arising from insufficient sanitization of user-supplied input. These issues can be exploited by a remote attacker to carry out cross-site scripting, HTML injection, SQL injection, directory traversal, and arbitrary file upload attacks.

WebCalendar SQL Injection Vulnerability

WebCalendar is affected by an SQL injection vulnerability. This issue exists because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. The attack payload is sent over telnet to example.com as the request GET /login.php HTTP/1.1 with the header Cookie: webcalendar_session=7c8c3a738e858f4199b6b386743c7c8e906075c47f7b817993414cb6cd94897d7882858abbb8

MercuryBoard Remote Cross-Site Scripting Vulnerability

A remote cross-site scripting vulnerability affects the 'forum.php' script of MercuryBoard. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

PaNews Cross-Site Scripting Vulnerability

PaNews is reportedly affected by a cross-site scripting vulnerability. This issue exists because the application fails to properly sanitize user-supplied input. As a result of this vulnerability, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of an unsuspecting user when followed. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

ASP.NET Cross-Site Scripting Vulnerability

It is reported that ASP.NET is prone to various cross-site scripting attacks. These issues occur when ASP.NET converts Unicode characters ranging from U+ff00-U+ff60 to ASCII. Apparently, the application fails to properly validate Unicode characters, allowing an attacker to craft a malicious link containing arbitrary HTML or script code to be executed in a user's browser. This can facilitate theft of cookie-based credentials and other attacks.

DCP-Portal Multiple SQL Injection Vulnerabilities

DCP-Portal is reportedly affected by multiple SQL injection vulnerabilities. These issues exist because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

AWStats Remote Arbitrary Command Execution Vulnerability

AWStats is reported prone to a remote arbitrary command-execution vulnerability. This issue occurs because the application fails to properly sanitize user-supplied data. Specifically, the user-specified 'logfile' URI parameter is supplied to the Perl 'open()' routine. This issue is considered distinct from BID 10950 (AWStats Rawlog Plugin Logfile Parameter Input Validation Vulnerability).

VPN-1 SecureClient Local Memory Disclosure Vulnerability

VPN-1 SecureClient is reported prone to a vulnerability that may allow local attackers to disclose sensitive memory. This can lead to various other attacks against a vulnerable computer. The vulnerability exists in 'SR_Service.exe', which manages VPN connections. A successful attack may allow the attacker to disclose memory and cause the application to crash. Reportedly, this issue can be leveraged to ultimately execute arbitrary code; however, this has not been confirmed.

typespeed Local Format String Vulnerability

typespeed is prone to a local format string vulnerability. Successful exploitation could allow privilege escalation. A proof-of-concept local exploit exists for the typespeed tool. It sets the environment variable HOME to a buffer containing the address of the variable var, which is then used to overwrite the return address of the main function with the address of the shellcode. The exploit then calls the typespeed tool, which executes the shellcode.

A vulnerability is reported to exist in osCommerce that may allow a remote user to launch cross-site scripting attacks.

A vulnerability is reported to exist in osCommerce that may allow a remote user to launch cross-site scripting attacks. This issue could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected Web site and may allow for theft of cookie-based authentication credentials or other attacks.

Recent Exploits: