The vulnerability allows an attacker to retrieve arbitrary files by exploiting a failure in the application to properly sanitize user-supplied input. This can be done by manipulating the 'site' parameter in the URL.
This vulnerability in Info-ZIP 'unzip' allows attackers to execute arbitrary machine code in the context of users running the affected application. The issue arises due to the application's failure to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
The vulnerabilities in Mercury CMS are due to a failure in properly sanitizing user-supplied input. Successful exploitation could lead to compromise of the application, disclosure or modification of data, theft of authentication credentials, and other attacks. The vulnerabilities include SQL injection and cross-site scripting (XSS) vulnerabilities.
Komodo CMS is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks.
E-Publish is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks.
Input passed to the "pb_lang" parameter in admin.php is not properly verified before being used. This can be exploited to execute arbitrary PHP code by including files from local or external resources.
These vulnerabilities are a result of improper input sanitization in Community Enterprise. Successful exploitation could lead to application compromise, data disclosure or modification, theft of authentication credentials, and exploitation of underlying database vulnerabilities.
bitweaver is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks.
Baseline CMS is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit could allow an attacker to compromise the application, access or modify data, exploit vulnerabilities in the underlying database, steal cookie-based authentication credentials, and launch other attacks.
Miraserver is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.