The Joomla! and Mambo 'com_lexikon' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The Joomla! and Mambo 'com_salesrep' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability by crafting a malicious URL and sending it to a victim. The URL contains a malicious SQL query that can be used to access or modify data, or exploit latent vulnerabilities in the underlying database.
The Joomla! and Mambo 'faq' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The Joomla! and Mambo 'com_sg' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability by crafting a malicious URL and sending it to a victim. The malicious URL contains an SQL query that can be used to access or modify data, or exploit latent vulnerabilities in the underlying database.
The Joomla! and Mambo 'com_activities' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The Joomla! and Mambo 'com_smslist' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability by crafting a malicious URL and sending it to a victim.
Sami FTP Server is prone to multiple remote denial-of-service vulnerabilities because the application fails to handle exceptional conditions. An attacker can exploit these issues to crash the affected application, denying service to legitimate users. An attacker can use standard FTP clients or network utilities to exploit these issues. Issuing one of the affected commands followed by 'AA' will trigger a denial of service.
Sophos Email Appliance is prone to multiple cross-site scripting vulnerabilities that affect its web interface because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
PlutoStatus Locator is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to include local files in the context of the webserver process. This may allow the attacker to obtain potentially sensitive information; other attacks are also possible.
artmedic webdesign weblog is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these issues may allow an attacker to access potentially sensitive information and execute arbitrary local scripts in the context of the affected application.
Services By CQR