WordPress is reported vulnerable to multiple cross-site scripting, HTML injection, and SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied data. The cross-site scripting and HTML injection issues could permit a remote attacker to create a malicious URI link, or post data to the affected application that includes hostile HTML and script code. If this link were to be followed, or resulting pages were to be viewed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks. An attacker may exploit the SQL injection issues to manipulate SQL queries to the underlying database. This may facilitate theft of sensitive information, potentially including authentication credentials, and data corruption.
The vulnerability allows a remote attacker to upload arbitrary PHP scripts to a vulnerable server by exploiting insufficient sanitization of user-supplied input. If successful, the attacker can execute arbitrary script code on the server, leading to unauthorized access in the context of the application.
Multiple remote SQL injection vulnerabilities affect Ikonboard due to a failure to properly sanitize user-supplied input prior to including it in SQL queries. An attacker can exploit these vulnerabilities to manipulate SQL queries to the underlying database, potentially leading to theft of sensitive information and data corruption.
2fax is prone to a buffer overflow vulnerability. This issue is exposed when the software performs tab expansion operations while converting files. Since files may originate from an external or untrusted source, this issue is considered remote in nature.Successful exploitation will result in execution of arbitrary code in the context of the user running the application.
Vilistextum is prone to a buffer overflow vulnerability. This issue occurs when the application parses HTML attributes while converting an HTML file to text/ASCII. This vulnerability can be exploited remotely by an attacker originating from an external or untrusted source. Successful exploitation of this vulnerability allows the execution of arbitrary code in the context of the user running the application.
Bolthole Filter is prone to a buffer overflow vulnerability. This issue is exposed when the software parses email address data. If successfully exploited, this vulnerability could result in execution of arbitrary code in the context of the process.
jpegtoavi is prone to a buffer overflow vulnerability when handling a malformed file list. This vulnerability can be exploited remotely to execute arbitrary code in the context of the user running the application.
Yanf is prone to a buffer overflow vulnerability. This issue occurs when the client reads data from a remote HTTP server. If successfully exploited, it could allow for the execution of arbitrary code in the context of the user running the client.
This exploit allows an attacker to execute remote commands with escalated privileges in Flatnuke version 2.5.8 and below. It works regardless of php.ini settings.
The xine media library is affected by a remote buffer overflow vulnerability in the 'demux_aiff.c' file. This vulnerability allows a remote attacker to gain unauthorized access to a vulnerable computer.
Services By CQR