PKs Movie Database is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Managed Workplace Service Center is prone to an information-disclosure vulnerability because the application fails to protect private information. Attackers may exploit this issue to retrieve sensitive information that may aid in further attacks.
Multiple IEA Software products are prone to a denial-of-service vulnerability. Successfully exploiting this issue will allow attackers to crash the affected application, denying service to legitimate users.
Mozilla Firefox is prone to an information-disclosure vulnerability because it fails to restrict access to local resources. Attackers can exploit this issue to obtain potentially sensitive information that will aid in further attacks.
Serendipity Freetag-plugin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to steal cookie-based authentication credentials and to launch other attacks.
Joovili is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.
Calimero.CMS is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Ipswitch Instant Messaging is prone to multiple security vulnerabilities, including a denial-of-service vulnerability, a format-string vulnerability, and a vulnerability that allows attackers to overwrite arbitrary files. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or overwrite files with arbitrary content.
The Joomla! and Mambo 'com_sermon' component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability by crafting a malicious URL that contains an SQL query.
MODx is prone to an HTML-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Services By CQR