PHPLive! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
America's Army is prone to a remote denial-of-service vulnerability because the application fails to properly handle invalid queries. Exploiting this issue allows remote attackers to cause the application to crash, effectively denying service to legitimate users.
Easy Image Downloader is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Oracle Database is prone to a remote vulnerability in Network Foundation. The vulnerability can be exploited over the 'Oracle Net' protocol. An attacker doesn't require privileges to exploit this vulnerability.
Oracle Database is prone to a remote vulnerability affecting the 'Listener' component. The vulnerability can be exploited over the 'Oracle Net' protocol. An attacker doesn't require privileges to exploit this vulnerability. The attacker can exploit this issue to crash the affected application, denying service to legitimate users.
Oracle Database is prone to a cross-site scripting vulnerability that affects the Secure Enterprise Search component. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Oracle Database is prone to a remote heap memory-corruption vulnerability in Network Foundation. The vulnerability can be exploited over the 'Oracle Net' protocol. An attacker doesn't require privileges to exploit this vulnerability. Successfully exploiting this issue will allow the attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
An attacker with 'WLS Console Package' privileges can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
HP ProCurve Threat Management Services zl Module is prone to a security-bypass vulnerability. Successful exploits may allow attackers to bypass certain security restrictions, which may aid in launching further attacks. ProCurve Threat Management Services zl Module J9155A running vST.1.0.090213 firmware or prior is vulnerable. Exploitation involves going to the VPN-->Certificates--> CRL page and loading a CRL list, saving the entire configuration, rebooting the TMS zl Module, and then going to the VPN--> Certificates--> CRL page and the CRL is no longer available.
MySQL is prone to multiple format-string vulnerabilities. Attackers can leverage these issues to execute arbitrary code within the context of the vulnerable application. Failed attacks will likely cause denial-of-service conditions.
Services By CQR