ScanMail for Domino is prone to a vulnerability that may allow sensitive configuration files to be disclosed to remote attackers. A successful attack may allow an attacker to disclose sensitive information and disable antivirus protection on a gateway, allowing potentially malicious email messages to reach internal users. This issue may result in a malicious code infection.
Lithtech game engine is prone to multiple remote format-string vulnerabilities because of incorrect usage of 'printf()'-type functions. Format specifiers can be supplied directly to vulnerable functions from external data. A denial-of-service condition arises when a vulnerable server handles a malformed request. Exploiting these issues may also allow an attacker to write to arbitrary process memory and potentially execute code. Any code executed through this vulnerability could potentially run with the privileges of the server.
The TIPS MailPost application is affected by a remote file enumeration vulnerability. This vulnerability arises due to the application's failure to properly sanitize user requests. An attacker can exploit this vulnerability to gain knowledge of the existence of files outside the Web root directory. By accessing the URL 'http://www.example.com/scripts/mailpost.exe/..%255c..%255c..%255cwinnt/system.ini?*nosend*=&email=test@procheckup.com', an attacker can enumerate the contents of the 'winnt/system.ini' file, which can then be used to facilitate further attacks.
The vulnerability in MailPost allows an attacker to execute arbitrary HTML and script code in a user's browser through a malicious error message. This can lead to the theft of cookie-based authentication credentials or other attacks.
The MailPost application is prone to a cross-site scripting vulnerability. This allows an attacker to execute arbitrary HTML and script code in a user's browser by injecting malicious code through insufficiently sanitized user-supplied data. The vulnerability can be exploited to steal cookie-based authentication credentials or launch other attacks.
Klinza Professional CMS version 5.0.1 is prone to a remote file inclusion vulnerability in the show_hlp.php file. An attacker can exploit this vulnerability to include a remote file and execute arbitrary code on the target system.
The application Goollery is affected by various cross-site scripting vulnerabilities. These vulnerabilities occur when user-supplied URI input is not properly sanitized. Attackers can exploit these vulnerabilities by sending malicious HTML and script code through the 'page' parameter of certain scripts. If a victim user follows a malicious URI link, the hostile code may be rendered in their web browser.
Helm Control Panel is prone to multiple vulnerabilities, including an SQL injection issue and an HTML injection vulnerability. A remote attacker can execute arbitrary HTML and script code in a user's browser, and can also manipulate SQL queries to reveal or corrupt sensitive database data.
The vulnerability allows an attacker to display false information in the status bar of the Safari Web Browser, making web pages appear to originate from a trusted location. This can be used to deceive unsuspecting users.
Caudium is prone to a remote denial of service vulnerability. Remote attackers can exploit this vulnerability to crash affected web servers, causing a denial of service for legitimate users.