iknSupport is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
The 'com_bnf' component for Joomla! is prone to a remote SQL injection vulnerability. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
GForge is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execute arbitrary script on the affected server and steal cookie-based authentication credentials. Other attacks are also possible.
phpLDAPadmin is prone to cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
OpenEMR is prone to local file-include and command-injection vulnerabilities because it fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to execute arbitrary shell commands with the privileges of the user running the application, obtain potentially sensitive information, and execute arbitrary local scripts in the context of the Web server process. This could allow the attacker to compromise the application and the computer; other attacks are also possible.
Lead Capture is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
The 'com_cmotour' component for Joomla! is prone to an SQL injection vulnerability. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
4images is prone to multiple input-validation vulnerabilities including cross-site scripting, open-redirection, and SQL-injection. An attacker may leverage these issues to perform spoofing and phishing attacks, to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database and execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.
The 'com_bbs' component for Joomla! is prone to multiple remote SQL-injection vulnerabilities. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The 'com_propertylab' component for Joomla! is prone to a remote SQL injection vulnerability. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Services By CQR