Invision Power Board's 'ssi.php' script is prone to an SQL injection vulnerability. Attackers can exploit this vulnerability by passing SQL statements to the underlying database through the script. Depending on the underlying database, this vulnerability can result in data corruption or theft, execution of commands or procedures on the database server, or exploitation of other vulnerabilities in the database.
The 'returnurl' parameter in the 'signin.aspx' script of AspDotNetStorefront is not properly sanitized, allowing remote attackers to execute malicious JavaScript code and steal user authentication credentials.
AspDotNetStorefront is prone to an access validation vulnerability that may allow a remote attacker to delete arbitrary contents from a vulnerable Web site. The issue occurs because the 'deleteicon.aspx' script does not validate access before allowing an unprivileged user to delete contents such as icons and images from the site. Other attacks may be possible as well, however, this has not been confirmed.
cPanel is affected by a remote SQL injection vulnerability in the passwd script. The issue occurs when user-supplied URI parameter input is not properly sanitized before being used in an SQL query. Malicious SQL statements can be passed to the passwd script through URI parameters, allowing a malicious user to influence database queries and potentially view or modify sensitive information.
The vulnerabilities include a double free vulnerability, format string vulnerabilities, and integer overflows. There is also a null termination issue in the security patch for BID 10384, potentially leading to a server crash. Some of these issues may be leveraged to execute arbitrary code, while other issues may only result in a denial of service.
An attacker can delete security associations and policies from IPSec VPN's by sending a malformed UDP ISAKMP packet to a vulnerable server. The malformed packet contains payloads for both setting up a new tunnel and deleting a tunnel. Isakmpd improperly acts upon the delete payload and terminates the associations and policies relating to the tunnel. This can result in the destruction of security associations, effectively eliminating the VPN connection between gateways and denying service to legitimate users of the VPN.
The vulnerability allows a remote user to disclose files on a vulnerable computer by using the /home/@@file/ prefix and '../' directory traversal sequences.
ToCA Race Driver is affected by multiple remote denial of service vulnerabilities. These vulnerabilities occur due to a failure of the application to handle exceptional network traffic. An attacker can exploit these vulnerabilities to crash or hang the application, resulting in a denial of service for legitimate users.
SurgeMail/WebMail is prone to multiple vulnerabilities. These issue result from insufficient sanitization of user-supplied data. The issues can allow an attacker to carry out path disclosure and cross-site scripting attacks.
The Linksys Web Camera software version 2.10 and possibly other versions are prone to a remote file disclosure vulnerability. A remote attacker can exploit this vulnerability to disclose sensitive files by sending a specially crafted request to the affected software.