Comdev eCommerce is reported prone to multiple cross-site scripting vulnerabilities. These vulnerabilities can be exploited to steal cookie-based authentication credentials and carry out other attacks.
WPKontakt is prone to a potential script execution vulnerability. Remote attackers may execute arbitrary script code on a vulnerable computer by sending a specially crafted email address containing a JavaScript URI.
The vulnerability exists in the DecodeTCPOptions() function of 'decode.c' in Snort. It is caused by a failure to handle malicious TCP packets properly. A remote attacker can exploit this vulnerability to crash a remote Snort server, preventing subsequent malicious attacks from being detected.
A remote SQL injection vulnerability reportedly affects 2Bgal. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in an SQL query. An attacker may leverage this issue to manipulate SQL query strings and potentially carry out arbitrary database queries. This may facilitate the disclosure or corruption of sensitive database information.
PhpGroupWare is susceptible to a HTML injection vulnerability due to improper input sanitization. An attacker can exploit this vulnerability by supplying malicious HTML and script code through the 'date' parameter in the 'index.php' page. This can lead to theft of cookie-based authentication credentials and control over the site's rendering.
The phpGroupWare software is prone to a remote file include vulnerability that may allow an attacker to execute arbitrary PHP code. The vulnerability exists in the 'tables_update.inc.php' script, which includes other PHP files without proper validation. An attacker can exploit this vulnerability by supplying a malicious file parameter in the URL, leading to the execution of the included PHP code.
Tlen.pl is prone to a potential script execution vulnerability. Remote attackers may exploit this issue to execute arbitrary script code on a vulnerable computer, leading to various attacks.
The e_Board application is vulnerable to a directory traversal vulnerability due to improper input sanitization. By including '../' directory traversal sequences and a NULL (%00) in the affected URI argument, an attacker can include the contents of arbitrary web-server readable files in the output of the requested page.
The PHP shared memory module (shmop) is prone to an integer handling vulnerability. The issue exists in the PHP_FUNCTION(shmop_write) function and is a result of a lack of sufficient sanitization performed on 'offset' data. This vulnerability may be exploited to make an almost arbitrary write into process memory. It is reported that the vulnerability may be leveraged to disable PHP 'safe mode', which may result in further compromise in a shared-server environment.
The vulnerability exists in diag applications due to a failure to implement security controls properly when executing an application specified by the 'DIAGNOSTICS' environment variable. A local attacker can exploit this vulnerability to gain superuser privileges on a computer running the affected software. The attacker can create a directory and set the 'DIAGNOSTICS' environment variable to that directory. Then, by executing a specially crafted script, the attacker can escalate their privileges and gain superuser access.
Services By CQR