Multiple remote SQL injection vulnerabilities exist in the 'welcome.asp', 'checklogin.asp', and 'lostpassword.asp' scripts of getInternet. These vulnerabilities occur due to the application's failure to properly validate user-supplied input before using it in SQL queries. An attacker can exploit these vulnerabilities to manipulate and inject SQL queries into the database, potentially stealing sensitive information and launching further attacks.
Multiple remote input validation vulnerabilities in getSolutions getIntranet allow SQL injection attacks, HTML injection attacks, arbitrary file uploads, privilege escalation, command execution in the context of the vulnerable application, and command execution in the context of the affected system.
The PostNuke Modules Factory Subjects module is affected by a remote SQL injection vulnerability. This issue allows an attacker to manipulate SQL queries and potentially disclose sensitive information or corrupt data.
The Halo Combat Evolved game server is prone to a remote denial of service vulnerability. A remote attacker can exploit this vulnerability to deny service for legitimate game players.
BBS E-Market Professional is reported to be affected by a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system.
Trillian is reported prone to a remote buffer overflow vulnerability. This issue occurs due to insufficient boundary checks performed by the application and may allow an attacker to execute arbitrary code on a vulnerable computer. This could ultimately lead to an attacker gaining unauthorized access to the computer.
Regulus is prone to an information disclosure vulnerability where a specified user/customer password hash is contained in a hidden tag of the 'Update Your Password' action page. An attacker can obtain this data and use it for further attacks.
An attacker can make a request for the 'staffile' file hosted on a target server in SAFE TEAM Regulus, which contains a list of 'staff' users and their corresponding password hashes. This information can be used to launch further attacks against the vulnerable software.
An unauthenticated attacker can exploit an access validation error in UtilMind Solutions Site News to display and manipulate arbitrary news items.
PSNews is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input.
Services By CQR