rgb72 WCMS is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
Foxmail Email Client is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
FTP servers by multiple vendors are prone to a security vulnerability that allows attackers to perform cross-site request-forgery attacks. Successful exploits can run arbitrary FTP commands on the server in the context of an unsuspecting user's session. This may lead to further attacks.
Thyme is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
PHP Pro Bid is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
HyperStop WebHost Directory is reported prone to an information-disclosure vulnerability. Successful exploits of this issue may allow an attacker to obtain sensitive information by downloading the full contents of the application's database.
Sama Educational Management System is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
An attacker may leverage this issue to execute arbitrary commands with the privileges of another user on the affected computer.
Add a link is prone to multiple security vulnerabilities, including multiple security-bypass issues and an SQL-injection issue. Exploiting the security-bypass issues may allow an attacker to bypass certain security restrictions and perform unauthorized actions. The attacker can exploit the SQL-injection issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database. This will compromise the application and may aid in further attacks.
The Cisco 871 Integrated Services Router is prone to a cross-site request-forgery vulnerability. Successful exploits can run arbitrary commands on affected devices. This may lead to further network-based attacks.
Services By CQR