Red Hat Directory Server is prone to a denial-of-service vulnerability because the server fails to handle specially crafted search patterns. An attacker can exploit this issue to consume CPU resources with one search request, effectively blocking additional search requests from executing. Legitimate users may be prevented from authenticating to network resources that use the affected server for authentication.
Mono is prone to a vulnerability that allows attackers to inject arbitrary HTTP headers because it fails to sanitize input. By inserting arbitrary headers into an HTTP response, attackers may be able to launch cross-site request-forgery, cross-site scripting, HTTP-request-smuggling, and other attacks.
AbleSpace is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
ASP Search Engine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
MatterDaddy Market is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Smart Survey is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
PopnupBlog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
PHP-Ultimate Webboard is prone to multiple-input validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Successful exploits will allow unauthorized attackers to delete arbitrary questions and answers. Attackers may also exploit these issues to perform SQL-injection attacks.
The Microsoft Windows Media Services ActiveX control is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. An attacker can exploit this issue to execute arbitrary code in the context of an application using the affected ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.
One-News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple HTML-injection issues. The vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Services By CQR