ContentLion Alpha is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
IBM solidDB is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users.
Mercury MR804 router is prone to multiple denial-of-service vulnerabilities. Remote attackers can exploit these issues to cause the device to crash, denying service to legitimate users. Mercury MR804 running version 3.8.1 Build 101220 is vulnerable.
Dragonfly CMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Xavi 7968 ADSL Router is vulnerable to cross-site scripting, HTML-injection and cross-site request forgery vulnerabilities. An attacker can exploit these issues to execute arbitrary script code in the context of the vulnerable site, potentially allowing the attacker to steal cookie-based authentication credentials, or perform certain administrative functions on the victim's behalf.
The attacker can exploit the issues to execute arbitrary script code in the context of the vulnerable site, potentially allowing the attacker to steal cookie-based authentication credentials, or perform certain administrative functions on victim's behalf. Other attacks are also possible.
The 'com_xvs' component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
TestLink is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
VOXTRONIC Voxlog Professional is prone to a file-disclosure vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An remote attacker can exploit these issues to obtain potentially sensitive information from local files on computers running the vulnerable application, or modify the logic of SQL queries. A successful exploit may allow the attacker to compromise the software, retrieve information, or modify data; These may aid in further attacks.
Tiki Wiki CMS Groupware is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks; other attacks are possible.
Services By CQR