Microsoft Office is prone to a denial-of-service condition when the malformed WMF file is viewed in an Office application. Exploiting this issue allows remote attackers to crash applications, denying service to legitimate users.
PhotoStand is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Active Calendar is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts.
picKLE is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts.
Simple one-file gallery is prone to multiple input-validation vulnerabilities, including a local file-include issue and a cross-site scripting issue. An attacker can exploit these issues to steal cookie-based authentication credentials and to view and execute arbitrary local files within the context of the affected webserver. Other attacks are also possible.
The Simple one-file gallery is prone to multiple input-validation vulnerabilities, including a local file-include issue and a cross-site scripting issue. An attacker can exploit these issues to steal cookie-based authentication credentials and to view and execute arbitrary local files within the context of the affected webserver. Other attacks are also possible.
The xt:Commerce e-commerce platform is prone to a local file-include vulnerability due to improper sanitization of user-supplied input. This vulnerability allows an unauthorized user to view files and execute local scripts by manipulating the 'template' parameter in a specific URL.
Services By CQR