Multiple remote file-include vulnerabilities exist in Free File Hosting due to insufficient sanitization of user-supplied data. Exploiting these vulnerabilities can lead to compromise of the application and the underlying system, as well as other possible attacks.
The Free File Hosting application fails to properly sanitize user-supplied data, leading to multiple remote file-include vulnerabilities. Exploiting these vulnerabilities can result in compromising the application and the underlying system, as well as enabling other types of attacks.
Free File Hosting is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
KDE Konqueror is prone to a vulnerability that may allow attackers to obtain potentially sensitive information. A successful exploit of this issue would cause the affected application to connect to arbitrary TCP ports and potentially reveal sensitive information about services that are running on the affected computer. Information obtained may aid attackers in further attacks.
Opera is prone to a vulnerability that may allow attackers to obtain potentially sensitive information. A successful exploit of this issue would cause the affected application to connect to arbitrary TCP ports and potentially reveal sensitive information about services that are running on the affected computer. Information obtained may aid attackers in further attacks.
The Zyxel routers running the ZynOS operating system are vulnerable to a remote denial-of-service attack. An attacker can exploit this vulnerability to crash the affected device, resulting in a denial of network service for legitimate users.
w-Agora is prone to multiple input-validation vulnerabilities, including possible SQL-injection issues and multiple cross-site scripting issues. These vulnerabilities exist because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
w-Agora is prone to multiple input-validation vulnerabilities, including possible SQL-injection issues and multiple cross-site scripting issues. These vulnerabilities are caused by a failure to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
The LedgerSMB/SQL-Ledger application fails to sufficiently sanitize user-supplied input, leading to a local file-include vulnerability. Additionally, SQL-Ledger is prone to an authentication-bypass vulnerability. An attacker can exploit these vulnerabilities to view files, execute arbitrary local scripts within the webserver context, and potentially gain unauthorized access to the affected application.
PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitrary script code in the context of the webserver process, compromise the application, obtain sensitive information, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.