Explore Vulnerabilities

Explore all Exploits:

Sophos Antivirus CHM File Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sophos Antivirus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of CHM files. By supplying a specially crafted CHM file, an attacker can cause a heap overflow resulting in arbitrary code execution.

ClickTech Texas Rank’em Multiple SQL Injection Vulnerabilities

ClickTech Texas Rank'em is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Request For Travel 1.0 (product) | Remote SQL Injection Vulnerability

A remote SQL injection vulnerability exists in Request For Travel 1.0 (product). An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database, modify data, or execute system-level commands.

Multiple Computer Associates security-related products Local Privilege Escalation Vulnerabilities

Multiple Computer Associates security-related products are prone to multiple local privilege-escalation vulnerabilities. An attacker can leverage these issues to execute arbitrary code with SYSTEM-level privileges. This could result in the complete compromise of vulnerable computers. These issues affect CA Personal Firewall 2007 (v9.0) Engine version 1.0.173 and prior and CA Internet Security Suite 2007 version 3.0 with CA Personal Firewall 2007 version 9.0 Engine version 1.0.173 and prior.

Fscripts.pl Remote SQL Injection Vulnerability

Fscripts.pl is prone to a remote SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to manipulate SQL queries by injecting arbitrary SQL code. This may allow the attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Image Gallery with Access Database SQL Injection Vulnerabilities

Image Gallery with Access Database is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

TorrentFlux 2.2 Command Execution Exploit

The variable announce in maketorrent.php is not sanitised before being used. The announce variable goes through various stages throughout the script, then it is passed into an exec() function, in the middle of the string which is passed to exec(). It is therefore possible to end the current command by starting with ; and then ending your command with ; (to avoid the other data TorrentFlux adds after the announce variable). No data is returned to the user when they use this exploit, so it is hard to tell if the script is vulnerable, and the use of htmlspecialchars() tends to make things much harder since characters like < and > don't work.

Plesk Multiple HTML-Injection Vulnerabilities

Plesk is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible.

Recent Exploits: