The Linux kernel is prone to a local integer-overflow vulnerability. A successful attack can result in a kernel crash. Arbitrary code execution may be possible as well, but this has not been confirmed.
The application fails to properly sanitize user-supplied input, leading to multiple vulnerabilities. These vulnerabilities can result in compromise of the application, arbitrary local file inclusion and code execution, disclosure or modification of data, and theft of cookie-based authentication credentials. Additionally, these vulnerabilities may also allow the attacker to exploit vulnerabilities in the underlying database implementation and perform other attacks.
mcGallery PRO is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could result in a compromise of the application, arbitrary local file inclusion and code execution, disclosure or modification of data, and the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks.
mcGallery PRO is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.Successful exploitation of these vulnerabilities could result in a compromise of the application, arbitrary local file inclusion and code execution, disclosure or modification of data, the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks.
Snipe Gallery is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, and exploit vulnerabilities in the underlying database implementation. Other attacks are possible as well.
Snipe Gallery is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, and exploit vulnerabilities in the underlying database implementation. Other attacks are possible as well.
This exploits a buffer overflow in the ADMCREG.EXE used in the PrivateWire Online Registration Facility.
This exploit overwrites an exception frame to control eip and get to our code. The code then locates the pointer to our larger buffer and execs.
The Snipe Gallery application fails to properly sanitize user-supplied input, leading to multiple input-validation vulnerabilities. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, steal cookie-based authentication credentials, and exploit vulnerabilities in the underlying database implementation. Other attacks are also possible.
Mantis is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Services By CQR