The ShopperPress WordPress theme is prone to an SQL-injection and multiple cross-site vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow an attacker to steal cookie-based authentication credentials, to compromise the application, to access or modify data, or to exploit latent vulnerabilities in the underlying database.
GalaxyScripts Mini File Host and DaddyScripts Daddy's File Host are prone to a local file-include vulnerability because they fail to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in the context of the web server process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
MindTouch DekiWiki is prone to multiple remote and local file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary server-side script code that resides on an affected computer or in a remote location with the privileges of the web server process. This may facilitate unauthorized access.
mIRC is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Total Shop UK eCommerce CodeIgniter is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
GNU glibc is prone to multiple stack-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. Local attackers can exploit these issues to run arbitrary code with privileges of the affected application. Failed exploit attempts can result in a denial-of-service condition.
Hotel Booking Portal is prone to multiple SQL-injection vulnerabilities and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
dirLIST is prone to multiple local file-include vulnerabilities and an arbitrary-file upload vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to upload arbitrary files onto the web server, execute arbitrary local files within the context of the web server, and obtain sensitive information.
PBBoard is prone to multiple security vulnerabilities including multiple SQL-injection vulnerabilities, a security-bypass vulnerability, and an arbitrary file upload vulnerability. Exploiting these issues could allow an attacker to carry out unauthorized actions on the underlying database, to gain access to various user accounts by changing account passwords, or to execute arbitrary script code on an affected computer in the context of the affected application. PBBoard 2.1.4 is vulnerable; other versions may also be affected.