PortalApp is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
papaya CMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
OpenEdit is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
Beehive Forum is prone to multiple HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit these issues to control how the site is rendered to the user; other attacks are also possible.
This vulnerability allows a remote user to overwrite heap memory of i3sipproxy. The request size varies, but size=2900 bytes works in most of the cases. Successful exploitation of this bug for code execution requires a magic combination of pre-allocations, data, and size.
HoneyComb Archive is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, and the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks.
D-Man is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'title' parameter.An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site.
An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the Web server process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.
The HTML injection vulnerability in LiveJournal allows an attacker to inject HTML and script code into the dynamically generated content, potentially leading to the execution of malicious code in the context of the affected website. This can result in the theft of cookie-based authentication credentials and control over how the site is rendered to the user.
Blender is susceptible to an integer-overflow vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input before using it in a memory allocation and copy operation. This issue allows attackers to execute arbitrary machine code in the context of the user running the affected application.