The Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
The Magic Photo Storage Website is vulnerable to multiple remote file-include vulnerabilities. These vulnerabilities are a result of insufficient sanitization of user-supplied data. Exploiting these vulnerabilities can allow an attacker to compromise the application and the underlying system. Other attacks may also be possible.
PHPKIT is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
The vulnerability allows an attacker to execute arbitrary script code in the browser of an unsuspecting user, potentially leading to the theft of authentication credentials and other attacks. The issue is caused by the application's failure to properly sanitize user-supplied input.
Packeteer PacketShaper is prone to multiple denial-of-service vulnerabilities. A remote attacker may exploit these issues to cause the device to crash, denying further service to legitimate users.
The application Createauction is vulnerable to an SQL-injection vulnerability. It fails to properly sanitize user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
The Access Manager Identity Server is vulnerable to a cross-site scripting (XSS) attack due to inadequate input sanitization. An attacker can exploit this vulnerability to inject and execute arbitrary script code in the browser of a victim user, within the context of the affected website. This can lead to the theft of authentication credentials stored in cookies and enable other malicious activities.
This is an exploit for HP Web JetAdmin, the printer management server from HP. It allows for remote execution of code, providing Linux root access and Windows NT/2000 Administrator access. The exploit takes advantage of a vulnerability in HP Web JetAdmin version 6.5.
Multiple PDF readers are prone to multiple remote buffer-overflow vulnerabilities because the applications fail to bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker may be able to exploit this issue to execute arbitrary code within the context of the affected application. In some circumstances, the vulnerability can be exploited only to cause a denial of service.
The Shopstorenow E-commerce Shopping Cart is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. An example of a potential exploit is: http://www.example.com/orange.asp?CatID=1'%20and%201=convert(int,(select%20top%201%20table_name%20from%20information_schema.tables))--sp_password