A buffer overflow condition has been reported for the CuteFTP application. The vulnerability is due to insufficient bounds checking performed on certain FTP command responses. If CuteFTP is used to connect to a malicious FTP server that sends an overly long response to the LIST command, the buffer overflow condition will be triggered. Code execution may be possible.
Sambar Server does not adequately filter some HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing script code which will be executed in the browser of a legitimate user. All code will be executed within the context of the website running Sambar Server. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software.
phpBB2, in some cases, does not sufficiently sanitize user-supplied input which is used when constructing SQL queries to execute on the underlying database. As a result, it is possible to manipulate SQL queries. This may allow a remote attacker to modify query logic or potentially corrupt the database. A remote attacker can exploit this vulnerability by manipulating URI parameters to cause the text of all private messages to be deleted.
phpLinks does not sufficiently sanitize HTML and script code supplied via form fields before displaying this data to administrative users. This issue exists in the 'add.php' script, which is used to add sites to the phpLinks system. As a result, an attacker may cause malicious HTML and script code to be executed in the web client of an administrative user who reviews attacker-supplied data submitted when a site is added. An attacker can inject code into the Site Title or Site Url field, which will be executed as soon as a logged in administrator views it. The code can be used to delete the database, add users to the database, and more.
It has been reported that OPT accepts the values supplied supplied by users in HTTP headers as the originating IP address of a request. It is possible for a remote host to supply a fake IP address in one of these environment variables that would obscure the origin on the request.
PHP TopSites is vulnerable to SQL injection due to insufficient sanitization of user-supplied URI parameters. An attacker can embed malicious SQL commands into certain page requests, which can be used to disclose another user's private information.
It has been reported that problems with the handling of recursive document type definitions (DTDs) occur in Sun ONE Unified Development Server (UDS). When a document is uploaded containing these types of constructs, the system experiences high resource consumption that can result in crash of the system, and denial of service to legitimate users.
PHP TopSites is vulnerable to cookie theft due to invalid sanitization of user-supplied input by the 'help.php' script. An attacker can construct a malicious URL containing embedded script code as a 'help.php' parameter. When an unsuspecting user follows the link, sensitive information, such as cookie-based authentication credentials may be obtained by the attacker.
ScanMail for Microsoft Exchange is vulnerable to an authentication bypass vulnerability. This vulnerability allows a remote attacker to bypass existing authentication mechanisms and gain access to the ScanMail management system. This is achieved by sending a specially crafted HTTP request to the vulnerable server.
An HTML injection vulnerability has been discovered in PHP TopSites. The issue occurs due to insufficient sanitization of user-supplied data. By injecting HTML code into the <body> tag of the description page, when submitting website, it may be possible to cause an administrator to edit or delete database entries. This issue will occur when an unsuspecting administrator loads the submitted description. This vulnerability has also been reported to affect the 'edit.php' script.
Services By CQR