Web Wiz Forums is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
GC Auction Platinum is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Willoughby TriO is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
ezContents CMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute malicious PHP code in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.
AtomPhotoBlog is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
EMC Centera Universal Access (CUA) is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Minix is prone to a denial-of-service vulnerability. An attacker can exploit this issue to prevent users from opening new pseudo terminals, denying service to legitimate users.
Pre Survey Generator is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. An example of an attack is the following URL: http://www.example.com/poll/default.asp?catid=1+union+select+0,password+from+users--
Outpost Security Suite Pro is prone to a vulnerability that allows an unauthorized attacker to bypass antivirus and firewall rules. This issue occurs because the application fails to adequately sanitize user-supplied input. Successful exploits can allow malicious data to evade expected detection rules, giving legitimate users a false sense of security. Other attacks may also be possible.
Claroline is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Services By CQR