It has been reported that TW-WebServer is prone to a denial of service vulnerability. Reportedly when an excessive quantity of data is sent to the TW-Webserver as part of a malicious HTTP GET request the server will fail. Although unconfirmed, due to the nature of this vulnerability, an attacker may have the ability to supply and execute arbitrary code.
It has been reported that TW-WebServer is prone to a denial of service vulnerability. Reportedly when an excessive quantity of data is sent to the TW-Webserver as part of a malicious HTTP GET request the server will fail. Although unconfirmed, due to the nature of this vulnerability, an attacker may have the ability to supply and execute arbitrary code.
Xonic.ru News is vulnerable to an attack due to insufficient sanitization of user-supplied data to the 'script.php' file. An attacker can pass malicious PHP or shell commands in requests to a target server, which will be executed with the privileges of the vulnerable application.
It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data. An attacker may exploit this issue to execute arbitrary commands in the security context of the web server hosting the vulnerable IkonBoard.
It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data. An attacker may exploit this issue to execute arbitrary commands in the security context of the web server hosting the vulnerable IkonBoard.
It has been reported that osCommerce uses HTTP header information as a part of its authentication mechanism. Reportedly an attacker may spoof parts of the HTTP header and, in doing so, subvert osCommerce authentication systems set in place. This attack may be used in conjunction with other attacks to disclose, what may be sensitive information, to the attacker.
When certain malformed URL requests are sent to a 12Planet Chat Server, the server's installation path may be revealed in the returned error message. This information could be used by a remote attacker to launch further attacks against the chat server.
It has been reported that the Python Documentation Server is vulnerable to a cross-site scripting problem in error pages. Because of this, an attacker could potentially cause the execution of malicious HTML and script code in the browser of a web user.
It has been reported that an attacker may trigger a denial of service condition in osCommerce application. If malicious URI parameters are passed to several of the osCommerce PHP pages, the mySQL and web server hosting osCommerce reportedly becomes unstable, possibly resulting in a denial of service condition.
Several path disclosure vulnerabilities have been reported for eZ Publish. An attacker can exploit this vulnerability by making a HTTP request for any of the affected pages. This may result in a condition where path information is returned to the attacker.
Services By CQR