The 'libxslt' library is prone to a heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attacker may exploit this issue to execute arbitrary code with the privileges of the user running an application that relies on the affected library. Failed exploit attempts will likely result in denial-of-service conditions.
DEV Web Management System is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include local file-include, SQL-injection, and cross-site scripting vulnerabilities. Exploiting these issues could allow an attacker to view sensitive information, steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
MJGUEST is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Unreal Tournament 3 is prone to multiple remote vulnerabilities, including a denial-of-service issue and a memory-corruption issue. An attacker can exploit these issues to execute arbitrary code within the context of the affected application or cause the application to crash.
ScrewTurn Wiki is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
Unreal Tournament 2004 is prone to a remote denial-of-service vulnerability because the application fails to handle NULL-pointer exceptions. An attacker could exploit this issue to crash the affected application, denying service to legitimate users.
The 'CoVideoWindow.ocx' ActiveX control of Eyeball MessengerSDK is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. An attacker can exploit this issue to execute arbitrary code in the context of an application using the affected ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.
The RSS plugin for miniBB is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and the underlying computer; other attacks are also possible.
Owl Intranet Engine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Jamroom is prone to fourteen security vulnerabilities, including an authentication-bypass vulnerability that occurs because the application fails to verify user-supplied data. An attacker can exploit the authentication-bypass vulnerability to gain administrative access to the affected application; other attacks are also possible.
Services By CQR