This vulnerability allows a remote user to overwrite heap memory of i3sipproxy. The request size varies, but size=2900 bytes works in most of the cases. Successful exploitation of this bug for code execution requires a magic combination of pre-allocations, data, and size.
HoneyComb Archive is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, and the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks.
D-Man is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'title' parameter.An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site.
An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the Web server process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.
The HTML injection vulnerability in LiveJournal allows an attacker to inject HTML and script code into the dynamically generated content, potentially leading to the execution of malicious code in the context of the affected website. This can result in the theft of cookie-based authentication credentials and control over how the site is rendered to the user.
Blender is susceptible to an integer-overflow vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input before using it in a memory allocation and copy operation. This issue allows attackers to execute arbitrary machine code in the context of the user running the affected application.
The vulnerability allows an attacker to retrieve arbitrary files by exploiting a failure in the application to properly sanitize user-supplied input. This can be done by manipulating the 'site' parameter in the URL.
This vulnerability in Info-ZIP 'unzip' allows attackers to execute arbitrary machine code in the context of users running the affected application. The issue arises due to the application's failure to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
The vulnerabilities in Mercury CMS are due to a failure in properly sanitizing user-supplied input. Successful exploitation could lead to compromise of the application, disclosure or modification of data, theft of authentication credentials, and other attacks. The vulnerabilities include SQL injection and cross-site scripting (XSS) vulnerabilities.
Komodo CMS is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks.
Services By CQR