The Atlant Pro application fails to properly sanitize user-supplied input, resulting in cross-site scripting vulnerabilities. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of a victim user, potentially leading to the theft of authentication credentials and other attacks.
DCForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
SiteNet BBS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
E-commerce is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the Web server process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.
The e-commerce application fails to properly sanitize user-supplied input, leading to a cross-site scripting vulnerability. An attacker can inject arbitrary script code that will be executed in the browser of an unsuspecting user, allowing for the theft of authentication credentials and other attacks.
Limbo CMS is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out cross-site scripting, SQL injection, and local file include attacks.
The input validation vulnerabilities in Limbo CMS can allow attackers to carry out cross-site scripting, SQL injection, and local file include attacks. An example of a cross-site scripting attack is demonstrated through the URL: http://www.example.com/[path]/?_SERVER[]=&_SERVER[REMOTE_ADDR]=<script>alert(document.cookie)</script>
The Scientific Atlanta DPX2100 cable modems are prone to a denial of service vulnerability. Remote attackers can crash the affected devices or temporarily block further network routing functionality by sending TCP 'LanD' packets. This results in denial of network services to legitimate users.
The Westell Versalink 327W router is vulnerable to a denial of service attack when handling TCP 'LanD' packets. Remote attackers can exploit this vulnerability to crash the affected devices or temporarily block network routing functionality, resulting in a denial of service for legitimate users. An Hping2 command is provided as an example to exploit this vulnerability.
Multiple unspecified Cisco Catalyst switches are prone to a denial of service vulnerability. These devices are susceptible to a remote denial of service vulnerability when handling TCP 'LanD' packets. This issue allows remote attackers to crash affected devices, or to temporarily block further network routing functionality. This will deny further network services to legitimate users.