eshtry CMS is vulnerable to a local file disclosure vulnerability due to its failure to properly validate user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted request to the vulnerable application, which will allow them to view the contents of local files on the server.
Catia is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.
The MODx Evogallery module is prone to an arbitrary file upload vulnerability. An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application.
The NextGEN Gallery plugin for WordPress is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks.
Rhino is prone to a cross-site scripting vulnerability and a security-bypass vulnerability. An attacker can exploit these issues to execute arbitrary script code in the context of the vulnerable site, potentially allowing the attacker to steal cookie-based authentication credentials, bypass security restrictions to obtain sensitive information, or perform unauthorized actions. Other attacks may also be possible.
The Wire Immogest component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Red Hat Piranha is prone to a remote security-bypass vulnerability. An attacker can exploit this issue to gain unauthorized access to the restricted pages of the application; this may lead to further attacks. The attacker can use curl or wget to exploit this vulnerability.
i-doit Pro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
MyBB is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, denying service to legitimate users.
phpBB is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, denying service to legitimate users.