The vulnerabilities in AzDGDatingLite can be exploited by enticing a user to visit a malicious link containing hostile HTML and script code. This can lead to theft of authentication credentials or other attacks.
NukeCalendar, a third-party calendar module for PHP-Nuke, is vulnerable to multiple security issues. These include path disclosure, SQL injection, and cross-site scripting. These vulnerabilities can lead to the disclosure of sensitive information, compromise of user accounts, compromise of the bulletin board, and potential attacks against the database through SQL injection.
NukeCalendar, a third-party calendar module for PHP-Nuke, is vulnerable to multiple issues including path disclosure, SQL injection, and cross-site scripting. These vulnerabilities can lead to the disclosure of sensitive information, compromise of user accounts and bulletin boards, and potential attacks against the database through SQL injection.
The NukeCalendar module for PHP-Nuke is prone to multiple vulnerabilities including path disclosure, SQL injection, and cross-site scripting. These vulnerabilities could result in the disclosure of sensitive information, compromise of user accounts or bulletin boards, and possible attacks against the database implementation itself through SQL injection.
Kerio Personal Firewall is vulnerable to a denial of service attack when the Web Filtering functionality is enabled. The vulnerability occurs when certain characters are present in a URI that is being handled by the Web Filtering procedures.
The FirstClass Desktop Client is prone to a local buffer overflow vulnerability. This vulnerability could allow attackers to execute arbitrary code on a vulnerable system, potentially leading to elevated privileges. The issue is reported to exist due to the 'PROXYADDR' variable of the 'LOCAL NETWORK.FCP' configuration file.
The Mcafee FreeScan CoMcFreeScan browser object is prone to a remote buffer overflow vulnerability. The issue occurs due to a lack of sufficient boundary checks performed on data assigned to the object variable 'ScanParam'. An attacker can exploit this vulnerability by crafting a malicious website that, when viewed, would result in arbitrary code execution in the context of the user running the browser with an affected browser object installed.
The Symantec Virus Detection Symantec.SymVAFileQuery.1 COM object is prone to a denial of service vulnerability. When the object is invoked with excessive data, the browser will crash. Successful exploitation would immediately produce a denial of service condition in the affected browser. Although initially reported as a buffer overflow, this issue does not appear to present any threat of remote code execution. It should be noted that the vulnerable object may not be invoked from scripts outside of the Symantec domain, however, vulnerabilities that permit malicious content to be executed in the context of the domain (such as HTML injection or cross-site scripting vulnerabilities as well as web browser security model issues) may still permit exploitation of this issue.
Panda ActiveScan is prone to a denial of service vulnerability that may cause an instance of Internet Explorer to crash. The issue occurs when the 'SetSitesFile' function is called in combination with setting the 'InstallEngineCtl' object.
The Blaxxun Contact 3D browser object for Internet Explorer is prone to a buffer overflow vulnerability. The issue is due to a lack of sufficient boundary checks performed on data assigned to a browser object variable. An attacker can exploit this vulnerability to seize control of the execution flow for the affected browser object and influence execution flow into an attacker-supplied payload.
Services By CQR